CVE-2010-4611

Name of the Vulnerable Software and Affected Versions Html-edit CMS version 3.1.8

Description The issue allows remote attackers to obtain sensitive information via direct requests to specific files, including pages.php and menu.php in includes/core files, and extensions/login/frontend/pages/antihacker.php. These requests can reveal the installation path in an error message.

Recommendations For Html-edit CMS version 3.1.8, consider restricting access to the files pages.php, menu.php, and antihacker.php to minimize the risk of exploitation. Avoid using these files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.