FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

wordpress -- full path disclosure

Affected packages
wordpress < 1.5.2

Details

VuXML ID e0b342a1-d2ae-11da-a672-000e0c2e438a
Discovery 2005-12-20
Entry 2006-04-23

Dedi Dwianto reports:

A remote user can access the file directly to cause the system to display an error message that indicates the installation path. The resulting error message will disclose potentially sensitive installation path information to the remote attacker.

[source]

References

CVE Name CVE-2005-4463
URL http://echo.or.id/adv/adv24-theday-2005.txt

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.