CVE-2012-4256
jNews (com_jnews) 7.5.1 - Exposure of Sensitive Information via Emailsearch Parameter
Title source: llmDescription
The jNews (com_jnews) component 7.5.1 for Joomla! allows remote attackers to obtain sensitive information via the emailsearch parameter, which reveals the installation path in an error message.
References (3)
Core 3
Core References
Exploit x_refsource_misc
http://packetstormsecurity.org/files/112233/jNews-7.5.1-Information-Disclosure.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/75198
Exploit x_refsource_misc
http://hauntit.blogspot.com/2012/04/en-jnews-jnewscore751-information.html
Scores
EPSS
0.0148
EPSS Percentile
70.9%
Details
CWE
CWE-200
Status
published
Products (1)
joobi/com_jnews
7.5.1
Published
Aug 13, 2012
Tracked Since
Feb 18, 2026