Description
Serendipity 1.5.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/newspaper/layout.php and certain other files.
Remediation
References
Related Vulnerabilities
WordPress Plugin Facebook, Twitter & Google+ Social Widgets Multiple Vulnerabilities (1.3.7)
Joomla! Core 3.x.x Multiple Vulnerabilities (3.7.0 - 3.8.3)
Jboss Deserialization of Untrusted Data Vulnerability (CVE-2017-7504)
OpenSSL Cryptographic Issues Vulnerability (CVE-2014-0076)
WordPress Plugin CPT Bootstrap Carousel Cross-Site Scripting (1.12)