6.6 Medium
AI Score
Confidence
Low
0.006 Low
EPSS
Percentile
78.4%
property.php in Widget Property 1.1.19 allows remote attackers to obtain the full server path via an invalid lang value, which leaks the path in the resulting error message.
pridels0.blogspot.com/2005/12/widget-property-vuln.html
secunia.com/advisories/17829
www.osvdb.org/21427