Description

The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to obtain sensitive information via an invalid feed parameter, which reveals the path in an error message.

Remediation

References

CVE-2006-1956

Related Vulnerabilities

WordPress Plugin Auto ThickBox Plus Cross-Site Scripting (1.9)

WordPress Plugin Contact Bank-Contact Form Builder for WordPress Cross-Site Scripting (2.1.23)

PostgreSQL Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-25695)

WordPress Plugin WP Customize Login Cross-Site Scripting (1.1)

WordPress Plugin All in One Support Button+Callback Request. WhatsApp, Messenger, Telegram, LiveChat and more Cross-Site Scripting (1.8.7)

Severity

Medium

Classification

CVE-2006-1956

Tags

Missing Update Known Vulnerabilities