3 matches found
CVE-2014-5107
concrete5 before 5.6.3 allows remote attackers to obtain the installation path via a direct request to 1 system/basics/editor.php, 2 system/view.php, 3 system/environment/filestoragelocations.php, 4 system/mail/importers.php, 5 system/mail/method.php, 6 system/permissions/filetypes.php, 7...
CVE-2014-5107
concrete5 before 5.6.3 allows remote attackers to obtain the installation path via a direct request to 1 system/basics/editor.php, 2 system/view.php, 3 system/environment/filestoragelocations.php, 4 system/mail/importers.php, 5 system/mail/method.php, 6 system/permissions/filetypes.php, 7...
CVE-2014-5107
Summary: CVE-2014-5107 affects concrete5 prior to 5.6.3. The vulnerability allows remote attackers to obtain the installation path via direct requests to a list of dashboard/ system pages (e.g., system/basics/editor.php, system/view.php, scrapbook/view.php, etc.). The issue is described consisten...