Description

MediaWiki before 1.9.2 allows remote attackers to obtain sensitive information via a direct request to (1) Simple.deps.php, (2) MonoBook.deps.php, (3) MySkin.deps.php, or (4) Chick.deps.php in wiki/skins, which shows the installation path in the resulting error message.

Remediation

References

CVE-2007-0894

Related Vulnerabilities

Drupal Core 8.x.x Remote Code Execution (8.0.0 - 8.7.14)

WordPress Plugin Filter Custom Fields & Taxonomies Light Unspecified Vulnerability (1.04)

Jboss EAP Server-Side Request Forgery (SSRF) Vulnerability (CVE-2018-14721)

PHP Other Vulnerability (CVE-2009-1271)

Magento CVE-2022-34259 Vulnerability (CVE-2022-34259)

Severity

Medium

Classification

CVE-2007-0894

Tags

Missing Update Known Vulnerabilities