CVE-2011-2891
Joomla! 1.6.x before 1.6.2 allows remote attackers to obtain sensitive information via an empty Itemid array parameter to index.php, which reveals the installation path in an error message, a different vulnerability than CVE-2011-2488.
We have discovered 268,469 live websites that are affected by CVE-2011-2891.
Affected Software
| Product |  Joomla |
| Category | Content Management System |
| Vulnerable Domains | 268,469 live websites (96.66% of Joomla install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 4 versions ( 2.38% of all versions) |
Details
- Published - Jul 28, 2011
- Updated - Aug 6, 2024
CVE References
CVE-2011-2891 usage by Country
 United States | 15,557 websites |
 Italy | 66,453 websites |
 Australia | 24,768 websites |
 GB | 16,635 websites |
 Germany | 13,780 websites |
 Russia | 13,533 websites |
 Poland | 12,588 websites |
 Netherlands | 11,472 websites |
 Iran | 9,178 websites |
 South Africa | 8,915 websites |
CVE-2011-2891 usage by TLD
| .com | 65,347 websites |
| .it | 43,638 websites |
| .com.au | 17,014 websites |
| .ru | 11,607 websites |
| .pl | 8,998 websites |
| .co.uk | 8,957 websites |
| .org | 7,387 websites |
| .nl | 6,817 websites |
| .de | 6,532 websites |
| .net | 5,785 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2011-2891
Top websites that are affected by CVE-2011-2891. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| *****************.de | Germany | *,*** | |
| *******.**.ca |  Canada | *,*** | |
| **************.********.com | United States | **,*** | |
| ***********.com | Italy | **,*** | |
| ***********.**.za | South Africa | **,*** | |
| ********.com |  Serbia | **,*** | |
| ***************.com | Italy | **,*** | |
| ********.com | United States | **,*** | |
| *********.com | GB | **,*** | |
| *****.**.uk | GB | **,*** |
FAQ
A total of 268,469 websites have been identified as vulnerable to CVE-2011-2891, discovered through global website indexing conducted by WebTechSurvey.
Joomla is susceptible to CVE-2011-2891 vulnerability.
Joomla versions before 1.6.2 are vulnerable to CVE-2011-2891.
Version 1.6.2 of Joomla addresses the CVE-2011-2891 security vulnerability.
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/68881
- http://bl0g.yehg.net/2011/04/joomla-161-and-lower-information.html
- http://www.openwall.com/lists/oss-security/2011/06/27/8
- http://www.openwall.com/lists/oss-security/2011/06/27/6
- http://developer.joomla.org/security/news/341-20110402-core-information-disclosure.html