Description

Joomla! before 1.5.12 does not perform a JEXEC check in unspecified files, which allows remote attackers to obtain the installation path via unspecified vectors.

Remediation

References

CVE-2011-4911

Related Vulnerabilities

WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-5113)

WordPress 2.8.4 Denial of Service Vulnerability (0.6.2 - 2.8.4)

WebLogic Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-7103)

WordPress Plugin WP Payeezy Pay Local File Inclusion (2.97)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-3731)

Severity

Medium

Classification

CVE-2011-4911 CWE-20

Tags

Missing Update Known Vulnerabilities