Description

The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to obtain sensitive information via an invalid feed parameter, which reveals the path in an error message.

Remediation

References

CVE-2006-1956

Related Vulnerabilities

LimeSurvey Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-43279)

Perl Out-of-bounds Write Vulnerability (CVE-2023-47038)

Oracle JRE CVE-2019-2962 Vulnerability (CVE-2019-2962)

WordPress Plugin Banner Effect Header Cross-Site Scripting (1.2.7)

WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (6.2.03)

Severity

Medium

Classification

CVE-2006-1956

Tags

Missing Update Known Vulnerabilities