CVE-2006-1956
Joomla and Mambo - Information Disclosure via Invalid Feed Parameter
Title source: llmDescription
The com_rss option (rss.php) in (1) Mambo and (2) Joomla! allows remote attackers to obtain sensitive information via an invalid feed parameter, which reveals the path in an error message.
References (3)
Core 3
Core References
Various Sources x_refsource_misc
http://www.kapda.ir/advisory-313.html
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/431317/100/0/threaded
Exploit, URL Repurposed x_refsource_misc
http://irannetjob.com/content/view/209/28/
Scores
EPSS
0.0001
EPSS Percentile
1.9%
Details
Status
published
Products (2)
joomla/joomla
1.0.7
mambo/mambo
4.5.3h h
Published
Apr 21, 2006
Tracked Since
Feb 18, 2026