Description
PhpMyFaq 1.5.1 allows remote attackers to obtain sensitive information via a LANGCODE parameter that does not exist, which reveals the path in an error message.
Remediation
References
Related Vulnerabilities
WordPress Plugin YITH Pre-Order for WooCommerce Security Bypass (1.1.9)
Django Improper Input Validation Vulnerability (CVE-2010-4535)
WordPress Plugin Manage Calameo Publications by Athlon Cross-Site Scripting (1.1.0)
TYPO3 Cleartext Transmission of Sensitive Information Vulnerability (CVE-2022-31046)
Oracle Database Server Create Session privilege issue (CVE-2021-1993)