ImageFolio 2.23 through 2.27 allows remote attackers to obtain sensitive information via a nonexistent image category, which leaks the web root in the resulting error message.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Imagefolio | Bizdesign | 2.26 | 2.26 |
Imagefolio | Bizdesign | 2.24 | 2.24 |
Imagefolio | Bizdesign | 2.27 | 2.27 |
Imagefolio | Bizdesign | 2.23 | 2.23 |