Elgg 1.7.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by vendors/simpletest/test/visual_test.php and certain other files.
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:15:05

Updated: 2022-10-03T16:15:05

Reserved: 2022-10-03T00:00:00


Link: CVE-2011-3733

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2011-09-23T23:55:03.257

Modified: 2012-03-12T04:00:00.000


Link: CVE-2011-3733

JSON object: View

cve-icon Redhat Information

No data.

CWE