Description
Joomla! 1.6.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by libraries/phpmailer/language/phpmailer.lang-joomla.php.
Remediation
References
Related Vulnerabilities
WebLogic CVE-2017-10271 Vulnerability (CVE-2017-10271)
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2020-1967)
Moodle Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2016-7038)
WordPress Plugin Countdown and CountUp, WooCommerce Sales Timer Cross-Site Request Forgery (1.5.7)