Summary
This host is installed with TYPO3 and is prone to path disclosure vulnerability.
Impact
Successful exploitation will allow remote attackers to obtain full installation path to the application.
Impact Level: Application
Solution
Upgrade to TYPO3 version 4.0 or later, or apply the patch mentioned in the below link
http://forge.typo3.org/issues/15402
Insight
An error exists in the application which fails to properly determine its own physical path and therefore trying to "require()" a wrong class file
Affected
TYPO3 version 3.7.1 and before
Detection
Get the installed version with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2006-0327 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache Struts Showcase Multiple Persistence Cross-Site Scripting Vulnerabilities
- 2532|Gigs Directory Traversal And SQL Injection Multiple Vulnerabilities
- Apache CouchDB Cross Site Request Forgery Vulnerability
- Apache Tomcat cal2.jsp Cross Site Scripting Vulnerability
- Admidio get_file.php Remote File Disclosure Vulnerability