Sensitive Information Disclosure in Enano CMS 1.1.7pl1 and Earlier Versions

Sensitive Information Disclosure in Enano CMS 1.1.7pl1 and Earlier Versions

CVE-2010-4781 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

index.php in Enano CMS 1.1.7pl1, and possibly other versions before 1.1.8, 1.0.6pl3, and 1.1.7pl2, allows remote attackers to obtain sensitive information via a crafted title parameter, which reveals the installation path in an error message.

Learn more about our Cms Pen Testing.