Description
Joomla! 1.0.12 allows remote attackers to obtain sensitive information via a direct request for (1) Stat.php (2) OutputFilter.php, (3) OutputCache.php, (4) Modifier.php, (5) Reader.php, and (6) TemplateCache.php in includes/patTemplate/patTemplate/; (7) includes/Cache/Lite/Output.php; and other unspecified components, which reveal the path in various error messages.
Remediation
References
Related Vulnerabilities
WordPress Plugin Funky Penguin WP-PHPList 'unsubscribeemail' Parameter Cross-Site Scripting (2.10.2)
Liferay DXP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2024-25143)
ownCloud Other Vulnerability (CVE-2015-5954)
WordPress Plugin History Collection Arbitrary File Download (1.1.1)