CVE-2008-6521
OpenTerracotta 0.6.1 - Exposure of Sensitive Information via Invalid File Parameter
Title source: llmDescription
index.php in Terracotta (aka OpenTerracotta) 0.6.1 allows remote attackers to obtain sensitive information via an invalid File parameter, which reveals the installation path in an error message.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/41571
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/490341/100/0/threaded
Scores
EPSS
0.0128
EPSS Percentile
66.6%
Details
CWE
CWE-200
Status
published
Products (1)
devraj_mukherjee/openterracotta
0.6.1
Published
Mar 25, 2009
Tracked Since
Feb 18, 2026