CVE-2007-0894

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.9.2

Description: The issue allows remote attackers to obtain sensitive information by making a direct request to certain files in the wiki/skins directory, including (1) "Simple.deps.php", (2) "MonoBook.deps.php", (3) "MySkin.deps.php", or (4) "Chick.deps.php". The resulting error message reveals the installation path.

Recommendations: For MediaWiki versions prior to 1.9.2, update to version 1.9.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the wiki/skins directory to minimize the risk of exploitation.