OpenBiblio 0.5.2-pre4 and previous versions allows remote malicious users to obtain sensitive information via a direct request for (1) shared/footer.php, (2) circ/mbr_fields.php, or (3) admin/custom_marc_form_fields.php, which reveals the path in various error messages.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openbiblio openbiblio 0.2 |
||
openbiblio openbiblio 0.2.1 |
||
openbiblio openbiblio 0.3 |
||
openbiblio openbiblio 0.5.1 |
||
openbiblio openbiblio 0.5.2 |
||
openbiblio openbiblio 0.5.2_pre4 |