CVE-2014-1908

Name of the Vulnerable Software and Affected Versions VideoWhisper Live Streaming Integration plugin versions prior to 4.29.5

Description The issue allows remote attackers to obtain sensitive information via a direct request to certain files, including bp.php, videowhisper streaming.php, and ls/rtmp.inc.php, which reveals the full path in an error message.

Recommendations For versions prior to 4.29.5, update to version 4.29.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the files bp.php, videowhisper streaming.php, and ls/rtmp.inc.php to minimize the risk of exploitation.