Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2727

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-2727
Last Modified 25 Mar 2015 04:46:06
Published 29 Dec 2014 09:59:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-2727

Summary

The (1) templatewrap/templatefoot.php, (2) cmsjs/plugin.js.php, and (3) cmsincludes/cms_plugin_api_link.inc.php scripts in Tribal Tribiq CMS before 5.2.7c allow remote attackers to obtain sensitive information via a direct request, which reveals the full path in an error message.

Vulnerable Systems

Application

  • Tribal Tribiq Cms 5.2.7b

  • Tribiq Cms 5.2.7b


References

MISC - https://www.htbridge.com/advisory/HTB22857


Last Updated: 27 May 2016 10:50:04