CVE-2011-3798

Name of the Vulnerable Software and Affected Versions Rapid Leech version 2.3-v42-svn322

Description The issue allows remote attackers to obtain sensitive information via a direct request to a .php file. This is achieved by exploiting the error message that reveals the installation path when accessing certain files, such as classes/pear.php.

Recommendations For Rapid Leech version 2.3-v42-svn322, consider restricting access to sensitive .php files, such as classes/pear.php, to prevent the disclosure of the installation path. Additionally, review the error handling mechanism to prevent sensitive information from being revealed in error messages.