Information Disclosure in Joomla! MediaViewMedia Class

CVE-2011-2890 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The MediaViewMedia class in administrator/components/com_media/views/media/view.html.php in Joomla! 1.5.23 and earlier allows remote attackers to obtain sensitive information via vectors involving the base variable, leading to disclosure of the installation path, a different vulnerability than CVE-2011-2488.

Learn more about our Web Application Penetration Testing UK.