CVE-2011-0775

Name of the Vulnerable Software and Affected Versions PivotX version 2.2.2

Description The issue allows remote attackers to obtain sensitive information via a non-existent file in the image parameter. This is achieved by exploiting the pivotx/modules/module image.php file, which reveals the installation path in an error message when a non-existent file is specified.

Recommendations For PivotX version 2.2.2, consider restricting access to the module image.php file to minimize the risk of exploitation. As a temporary workaround, avoid using the image parameter with non-existent files until a patch is available.