Neocrome Seditio build 161 and previous versions allows remote malicious users to obtain sensitive information via direct request to (1) view.php, (2) plugins/contact/lang/contact.en.lang.php, (3) system/lang/en/main.lang.php, (4) system/lang/en/message.lang.php, or (5) system/core/view/view.inc.php, which reveals the installation path in an error message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
neocrome seditio - |