CVE-2008-6521

OpenTerracotta 0.6.1 - Exposure of Sensitive Information via Invalid File Parameter

Title source: llm
STIX 2.1

Description

index.php in Terracotta (aka OpenTerracotta) 0.6.1 allows remote attackers to obtain sensitive information via an invalid File parameter, which reveals the installation path in an error message.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/41571
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/490341/100/0/threaded

Scores

EPSS 0.0128
EPSS Percentile 66.6%

Details

CWE
CWE-200
Status published
Products (1)
devraj_mukherjee/openterracotta 0.6.1
Published Mar 25, 2009
Tracked Since Feb 18, 2026