PT-2010-5577 · Html Edit · Html-Edit Cms

Published

2010-12-29

Updated

2017-08-17

CVE-2010-4611

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Html-edit CMS version 3.1.8

Description The issue allows remote attackers to obtain sensitive information via direct requests to specific files, including pages.php and menu.php in includes/core files, and extensions/login/frontend/pages/antihacker.php. These requests can reveal the installation path in an error message.

Recommendations For Html-edit CMS version 3.1.8, consider restricting access to the files pages.php, menu.php, and antihacker.php to minimize the risk of exploitation. Avoid using these files until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2010-4611

Affected Products

Html-Edit Cms

PT-2010-5577 · Html Edit · Html-Edit Cms

CVE-2010-4611

Weakness Enumeration

Related Identifiers

Affected Products

References · 5