Description

The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to obtain sensitive information via an invalid feed parameter, which reveals the path in an error message.

Remediation

References

CVE-2006-1956

Related Vulnerabilities

Nexus Repository Manager Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-16619)

WordPress Plugin Couponer 'print-coupon.php' SQL Injection (1.2)

GlassFish CVE-2017-10385 Vulnerability (CVE-2017-10385)

WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.27)

Jboss EAP Improper Input Validation Vulnerability (CVE-2014-0034)

Severity

Medium

Classification

CVE-2006-1956

Tags

Missing Update Known Vulnerabilities