3 matches found
CVE-2011-3803
SugarCRM 6.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/Sugar5/layoututils.php and certain other files...
CVE-2011-3803
SugarCRM 6.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/Sugar5/layoututils.php and certain other files...
CVE-2011-3803
CVE-2011-3803 affects SugarCRM 6.1.0. Remote attackers can read sensitive information by directly requesting certain PHP files (e.g., themes/Sugar5/layout_utils.php), triggering error messages that reveal the installation path. Root cause is information disclosure via error output when accessing ...