Description
Joomla! 1.0.12 allows remote attackers to obtain sensitive information via a direct request for (1) Stat.php (2) OutputFilter.php, (3) OutputCache.php, (4) Modifier.php, (5) Reader.php, and (6) TemplateCache.php in includes/patTemplate/patTemplate/; (7) includes/Cache/Lite/Output.php; and other unspecified components, which reveal the path in various error messages.
Remediation
References
Related Vulnerabilities
WordPress Plugin Disable Comments Cross-Site Request Forgery (1.0.3)
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2020-13654)
Drupal Core 9.3.x Remote Code Execution (9.3.0 - 9.3.18)
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-0813)