CVE-2007-6607

OpenBiblio 0.5.2-pre4 and earlier allows remote attackers to obtain sensitive information via a direct request for (1) shared/footer.php, (2) circ/mbr_fields.php, or (3) admin/custom_marc_form_fields.php, which reveals the path in various error messages.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:openbiblio:openbiblio:0.2:*:*:*:*:*:*:*
cpe:2.3:a:openbiblio:openbiblio:0.2.1:*:*:*:*:*:*:*
cpe:2.3:a:openbiblio:openbiblio:0.3:*:*:*:*:*:*:*
cpe:2.3:a:openbiblio:openbiblio:0.5.1:*:*:*:*:*:*:*
cpe:2.3:a:openbiblio:openbiblio:0.5.2:*:*:*:*:*:*:*
cpe:2.3:a:openbiblio:openbiblio:0.5.2_pre4:*:*:*:*:*:*:*

History

No history.

Information

Published : 2007-12-31 20:46

Updated : 2024-02-28 11:01


NVD link : CVE-2007-6607

Mitre link : CVE-2007-6607

CVE.ORG link : CVE-2007-6607


JSON object : View

Products Affected

openbiblio

  • openbiblio
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor