CVE-2011-3748

Name of the Vulnerable Software and Affected Versions Kamads Classifieds version 2 B3

Description The issue allows remote attackers to obtain sensitive information via a direct request to a .php file. This is demonstrated by files such as V2A XHTML/style/view.php, which reveals the installation path in an error message.

Recommendations For version 2 B3, consider restricting access to sensitive .php files to prevent information disclosure. As a temporary workaround, modify the error handling mechanism to avoid revealing the installation path in error messages.