CVE-2011-2727

Name of the Vulnerable Software and Affected Versions Tribal Tribiq CMS versions prior to 5.2.7c

Description The issue allows remote attackers to obtain sensitive information via a direct request to certain scripts, which reveals the full path in an error message. The affected scripts include templatewrap/templatefoot.php, cmsjs/plugin.js.php, and cmsincludes/cms plugin api link.inc.php.

Recommendations For versions prior to 5.2.7c, update to version 5.2.7c or later to resolve the issue. As a temporary workaround, consider restricting direct access to the sensitive scripts, specifically templatewrap/templatefoot.php, cmsjs/plugin.js.php, and cmsincludes/cms plugin api link.inc.php, until the update is applied.