Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
silverstripeCMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2010-5187 - Vulnerability Database
silverstripeCMS

silverstripeCMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2010-5187

Medium
Reference: CVE-2010-5187
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2010-5187
Title: silverstripeCMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

SilverStripe 2.3.x before 2.3.8 and 2.4.x before 2.4.1 when running on servers with certain configurations allows remote attackers to obtain sensitive information via a direct request to PHP files in the (1) sapphire (2) cms or (3) mysite folders which reveals the installation path in an error message.