Lucene search
HistoryDec 30, 2014 - 2:59 a.m.
CVE-2011-2727
cve-2011-2727
information disclosure
tribal tribiq cms
security vulnerability
6.3 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.004 Low
EPSS
Percentile
71.9%
The (1) templatewrap/templatefoot.php, (2) cmsjs/plugin.js.php, and (3) cmsincludes/cms_plugin_api_link.inc.php scripts in Tribal Tribiq CMS before 5.2.7c allow remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message.
| CPE | Name | Operator | Version |
|---|---|---|---|
| tribiq:tribiq_cms | tribiq tribiq cms | le | 5.2.7b |
References
Related
prion
prion
Information disclosure
2014-12-30 02:59:00
cvelist
cvelist
CVE-2011-2727
2014-12-30 02:00:00
htbridge
htbridge
Installation Path Disclosure Weakness in Tribiq CMS | HTB22857
2011-02-17 00:00:00
openvas
openvas
Tribiq CMS Direct Request Information Disclosure Vulnerability
2014-12-31 00:00:00
6.3 Medium
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
0.004 Low
EPSS
Percentile
71.9%
Related for CVE-2011-2727