CVE-2012-4674
PluXml < 5.1.6 - Unauthenticated Installation Path Exposure via PHPSESSID
Title source: llmDescription
PluXml before 5.1.6 allows remote attackers to obtain the installation path via the PHPSESSID.
References (2)
Core 2
Core References
Various Sources x_refsource_confirm
http://telechargements.pluxml.org/changelog
Various Sources x_refsource_confirm
http://www.pluxml.org/article59/sortie-de-pluxml-5-1-6
Scores
EPSS
0.0117
EPSS Percentile
63.7%
Details
CWE
CWE-200
Status
published
Products (1)
pluxml/pluxml
< 5.1.5
Published
Aug 26, 2012
Tracked Since
Feb 18, 2026