Installation Path Disclosure Weakness in Enano CMS

2010-11-16T00:00:00
ID HTB22708
Type htbridge
Reporter High-Tech Bridge
Modified 2010-11-16T00:00:00

Description

High-Tech Bridge SA Security Research Lab has discovered a weakness in Enano CMS which could be exploited to gain access to potentially sensitive information.

1) Installation path disclosure weakness in Enano CMS: CVE-2010-4781
The weakness exists due to application reveals the full path to installation directory in an error message. A remote attacker can directly access the "/index.php" script and gain knowledge of the web root directory and other potentially sensitive information. Successful exploitation requires that php_display_errors variable is on.
Exploitation examples:

http://[host]/index.php?title=Special:Captcha/1
http://[host]/index.php?tit le[]=1