ImageFolio 2.23 up to and including 2.27 allows remote malicious users to obtain sensitive information via a nonexistent image category, which leaks the web root in the resulting error message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bizdesign imagefolio 2.26 |
||
bizdesign imagefolio 2.23 |
||
bizdesign imagefolio 2.24 |
||
bizdesign imagefolio 2.27 |