CVE-2011-2891

Published Jul 27, 2011

Last updated 7 years ago

CVSS info 5.0

Overview

Description: Joomla! 1.6.x before 1.6.2 allows remote attackers to obtain sensitive information via an empty Itemid array parameter to index.php, which reveals the installation path in an error message, a different vulnerability than CVE-2011-2488.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:N/A:N

Weaknesses

nvd@nist.gov: CWE-200

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:1.6:alpha:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C15380EB-6543-4C95-9B7F-35DDD99D1C37"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:1.6:alpha2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C95EE9E1-CB59-4E8B-B57B-991295790328"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:1.6:beta1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "605F893A-2612-4524-B24B-0468F5EE2019"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:1.6:beta10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21D252E2-1961-4D4F-8471-584CF6CB39E5"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:1.6:beta11:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B0930E8-3E98-4DF5-AED3-146D34F843D7"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:1.6:beta12:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C732CFEF-CF4D-4EB7-A730-A5764B40A9BC"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:1.6:beta13:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "10880E1E-8478-485C-AD9C-ABE4C51D2EA7"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:1.6:beta14:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "816A10B4-EC28-47EF-BD47-7F431AB77561"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:1.6:beta15:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9085C7C-6CA0-4423-93B1-9E8AF6D2978E"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:1.6:beta2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5BCAD021-E5B2-4232-81FF-BB04908F4FE6"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:1.6:beta3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B842E1A-348B-4644-930E-CF46E1E38E70"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:1.6:beta4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D08BB717-4841-482D-A1AD-E8DF769E57C0"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:1.6:beta5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "065980D5-AEBA-44B1-A58D-8BF8FFF674F8"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:1.6:beta6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EBC711DC-C790-4558-B305-A812EE2290B9"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:1.6:beta7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "37DE1D53-EE34-4C2C-B2AD-3DD58254C874"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:1.6:beta8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9E11C49B-2A3E-4D52-BEFA-CDDB751E20AD"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:1.6:beta9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D6CA7BE-DD88-4899-A284-C9E4F97F4005"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:1.6:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2C686887-75D3-4682-AE61-245D10EEAADE"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:1.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B15F42BC-7826-493B-8C5A-D70A7263DCB0"
          },
          {
            "criteria": "cpe:2.3:a:joomla:joomla\\!:1.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AAC6CF00-2D88-4B97-A496-DCBE1B4E9A00"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References