The MediaViewMedia class in administrator/components/com_media/views/media/view.html.php in Joomla! 1.5.23 and earlier allows remote attackers to obtain sensitive information via vectors involving the base variable, leading to disclosure of the installation path, a different vulnerability than CVE-2011-2488.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2011-07-27 13:55
Updated : 2017-08-28 18:29
NVD link : CVE-2011-2890
Mitre link : CVE-2011-2890
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
joomla
- joomla\!