Description

The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to obtain sensitive information via an invalid feed parameter, which reveals the path in an error message.

Remediation

References

CVE-2006-1956

Related Vulnerabilities

TYPO3 Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2014-9508)

WordPress Plugin JS MultiHotel Multiple Vulnerabilities (2.2.1)

WordPress Plugin Login With Ajax Cross-Site Scripting (3.1.6)

Oracle Application Server Other Vulnerability (CVE-2007-0282)

Oracle Database Server Other Vulnerability (CVE-2007-0276)

Severity

Medium

Classification

CVE-2006-1956

Tags

Missing Update Known Vulnerabilities