Description

The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to obtain sensitive information via an invalid feed parameter, which reveals the path in an error message.

Remediation

References

CVE-2006-1956

Related Vulnerabilities

XOOPS Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2008-0613)

WordPress Plugin Yoast SEO Cross-Site Scripting (11.5)

WordPress Plugin Accept Donations with PayPal Cross-Site Request Forgery (1.3)

Oracle Application Server CVE-2008-7237 Vulnerability (CVE-2008-7237)

GibbonEdu Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-22868)

Severity

Medium

Classification

CVE-2006-1956

Tags

Missing Update Known Vulnerabilities