Description

One or more pages were found to contain an ColdFusion error message that discloses the installation path and other potentially sensitive data.

Remediation

Review the source code for the affected pages.

References

OWASP - Information Disclosure

Adobe ColdFusion - Lockdown Guide

Related Vulnerabilities

WordPress Plugin WP-Invoice-Web Invoice and Billing Multiple Vulnerabilities (4.1.0)

Version Disclosure (PHP)

WordPress Plugin WooCommerce Email Test Information Disclosure (1.5)

phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9855)

WordPress Plugin Cart66 Pro Arbitrary File Disclosure (1.5.3)

Severity

Low

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure