CVE-2011-1666

Name of the Vulnerable Software and Affected Versions Metaways Tine 2.0

Description The issue allows remote attackers to obtain sensitive information via unknown vectors in certain files, including (1) Crm/Controller.php, (2) Crm/Export/Csv.php, or (3) Calendar/Model/Attender.php. This reveals the full installation path, potentially exposing sensitive data.

Recommendations For Metaways Tine 2.0, consider restricting access to the affected files, Crm/Controller.php, Crm/Export/Csv.php, and Calendar/Model/Attender.php, until a patch is available. As a temporary workaround, limit the information that can be accessed through these files to minimize the risk of sensitive data exposure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.