172 matches found
CVE-2007-1574
CARE2X 2.2 (and possibly earlier) is affected by an information-disclosure vulnerability where remote attackers can obtain configuration details via a direct request to phpinfo.php (which calls phpinfo). The provenance of this information is unknown and comes from third party sources. The vulnera...
D-Link Access-Point <= 2.10na (DWL Series) Config Disclosure Vuln
Exploit for hardware platform in category remote exploits ================================================================= D-Link Access-Point = 2.10na DWL Series Config Disclosure Vuln ================================================================= ADVISORY/0206 - D-Link Wireless Access-Point...
OfficeScan configuration file disclosure
Trend Micro OfficeScan Corporate Edition Japanese version: Virus Buster Corporate Edition web-based management console let anybody access /officescan/hotdownload without authentication. SPDX-FileCopyrightText: 2002 Michel Arboi Some text descriptions might be excerpted from a referenced sources,...
JBOSS 3.2.2-3.2.7 / 4.0.2 installation path disclosure / config disclosure / version fingerprinting
Security Advisory: JBOSS 3.2.2-3.2.7 / 4.0.2 installation path disclosure / config disclosure / version fingerprinting Date: 14/06/05 URL: http://www.illegalaccess.org/java/jbosspath.php Problem: The default installation of JBoss reveals the path of the installation directory and allows...
eZ Publish site.ini Configuration Disclosure
Binary data 1562.prm...
[Full-Disclosure] Sweex 802.11g router/accesspoint config disclosure / remote config
Maniac Security Advisory 2004-01 Configuration disclosure on Wireless Accesspoint/Router SUMMARY Critical elements of the accesspoint's configuration can be discovered by any client connected to the accesspoint. This includes the administration username and password. AFFECTED PRODUCTS Sweex...
eZ Publish settings/site.ini Configuration Disclosure
eZ Publish, a content management system, is installed on the remote host. A remote attacker can retrieve the file 'settings/site.ini', which contains information such as database name, username, and password. This information could be used to mount further attacks. This version of eZ Publish also...
Cisco ATA-186 - HTTP Device Configuration Disclosure
Cisco ATA-186 - HTTP Device Configuration Disclosure source: https://www.securityfocus.com/bid/4711/info The Cisco ATA-186 Analog Telephone Adapter is a hardware device designed to interface between analog telephones and Voice over IP VoIP. It includes support for web based configuration...
Cisco ATA-186 - HTTP Device Configuration Disclosure
source: https://www.securityfocus.com/bid/4711/info The Cisco ATA-186 Analog Telephone Adapter is a hardware device designed to interface between analog telephones and Voice over IP VoIP. It includes support for web based configuration. Reportedly, HTTP requests consisting of a single character...
Phorum 3.x - PHP Configuration Disclosure
Phorum 3.x - PHP Configuration Disclosure source: https://www.securityfocus.com/bid/1985/info Phorum is a PHP based web forums package. Due to an error in the implementation of forum selection in administrative scripts, any user can view the any PHP script on the target host. This is due to...
Phorum 3.x - PHP Configuration Disclosure
source: https://www.securityfocus.com/bid/1985/info Phorum is a PHP based web forums package. Due to an error in the implementation of forum selection in administrative scripts, any user can view the any PHP script on the target host. This is due to user-supplied input being referenced as a...
Webcart Default Install Configuration Disclosure
At least one of these file or directories is world readable : /webcart/orders/ /webcart/orders/import.txt /webcart/carts/ /webcart/config/ /webcart/config/clients.txt /webcart-lite/orders/import.txt /webcart-lite/config/clients.txt This misconfiguration may allow an attacker to gather the credit...