CVE-2011-3721
Concrete CMS versions 5.4.0.5, 5.4.1, and 5.4.1.1 are affected by an information-disclosure vulnerability. A remote attacker can obtain the installation path by directly requesting certain PHP files (e.g., tools/spellchecker_service.php), which leak paths in error messages. The issue is described...