Description
MediaWiki 1.8.1, and other versions before 1.13.3, when the wgShowExceptionDetails variable is enabled, sometimes provides the full installation path in a debugging message, which might allow remote attackers to obtain sensitive information via unspecified requests that trigger an uncaught exception.
Remediation
References
Related Vulnerabilities
WordPress Plugin Really Easy Slider TimThumb Arbitrary File Upload (0.1)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2081)
WordPress 5.3.x Multiple Vulnerabilities (5.3 - 5.3.16)
TCExam Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-3806)
TYPO3 Files or Directories Accessible to External Parties Vulnerability (CVE-2021-21355)