Description

Joomla! before 1.5.12 does not perform a JEXEC check in unspecified files, which allows remote attackers to obtain the installation path via unspecified vectors.

Remediation

References

CVE-2011-4911

Related Vulnerabilities

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-5867)

WordPress Plugin WP Google Maps Multiple Cross-Site Scripting Vulnerabilities (6.0.26)

WordPress Plugin WP Featured Post with thumbnail 'src' Parameter Cross-Site Scripting (3.0)

PHP Resource Management Errors Vulnerability (CVE-2012-0830)

WordPress Plugin Restricted Site Access Security Bypass (7.3.1)

Severity

Medium

Classification

CVE-2011-4911 CWE-20

Tags

Missing Update Known Vulnerabilities