2 matches found
CVE-2010-5187
SilverStripe 2.3.x before 2.3.8 and 2.4.x before 2.4.1, when running on servers with certain configurations, allows remote attackers to obtain sensitive information via a direct request to PHP files in the 1 sapphire, 2 cms, or 3 mysite folders, which reveals the installation path in an error...
CVE-2010-5187
SilverStripe 2.3.x (before 2.3.8) and 2.4.x (before 2.4.1) is affected. When configured in certain environments, a remote attacker can trigger direct access to PHP files under sapphire, cms, or mysite and cause an error message that reveals the installation path (information disclosure). Root cau...