Lucene search
K

149 matches found

Cvelist
Cvelist
added 2005/10/18 4:0 a.m.16 views

CVE-2005-3255

The 1 cgiwrap and 2 php-cgiwrap packages before 3.9 in Debian GNU/Linux provide access to debugging CGIs under the web document root, which allows remote attackers to obtain sensitive information via direct requests to those CGIs...

6.2AI score0.01859EPSS
Exploits0References1
Cvelist
Cvelist
added 2005/09/16 4:0 a.m.18 views

CVE-2005-2956

ATutor 1.5.1, and possibly earlier versions, stores temporary chat logs under the web document root with insufficient access control and predictable filenames, which allows remote attackers to obtain user chat conversations via direct requests to those files...

6.8AI score0.0287EPSS
Exploits1References4
Cvelist
Cvelist
added 2005/07/26 4:0 a.m.23 views

CVE-2005-2381

PHP Surveyor 0.98 allows remote attackers to obtain sensitive information via a direct request to 1 question.php, 2 survey.php, or 3 group.php in the root directory, a direct request to 4 database.php, 5 sessioncontrol.php, 6 html.php, 7 sessioncontrol.php, an invalid 8 qid parameter to...

6.2AI score0.01181EPSS
Exploits0References2
Cvelist
Cvelist
added 2005/07/01 4:0 a.m.30 views

CVE-2005-2110

WordPress 1.5.1.2 and earlier allows remote attackers to obtain sensitive information via 1 a direct request to menu-header.php or a "1" value in the feed parameter to 2 wp-atom.php, 3 wp-rss.php, or 4 wp-rss2.php, which reveal the path in an error message. NOTE: vector 1 was later reported to al...

5.9AI score0.02879EPSS
Exploits0References5
OSV
OSV
added 2005/05/20 4:0 a.m.2 views

DEBIAN-CVE-2005-1688

Wordpress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct request to files in 1 wp-content/themes/, 2 wp-includes/, or 3 wp-admin/, which reveal the path in an error message...

5.3CVSS6.6AI score0.01906EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2005/05/20 12:0 a.m.4 views

PT-2005-2664 · WordPress · Wordpress

Name of the Vulnerable Software and Affected Versions: Wordpress versions 1.5 and earlier Description: The issue allows remote attackers to obtain sensitive information via a direct request to files in 1 wp-content/themes/, 2 wp-includes/, or 3 wp-admin/, which reveal the path in an error message...

5.3CVSS6.4AI score0.01906EPSS
Exploits0References7
NVD
NVD
added 2005/05/02 4:0 a.m.25 views

CVE-2005-0544

phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to 1 sqlvalidator.lib.php, 2 sqlparser.lib.php, 3 selecttheme.lib.php, 4 selectlang.lib.php, 5 relationcleanup.lib.php, 6 headermetastyle.inc.php, 7 getforeign.lib.php, 8 displaytbllinks.lib.php, 9...

5CVSS6.5AI score0.01457EPSS
Exploits0References3
NVD
NVD
added 2005/05/02 4:0 a.m.22 views

CVE-2005-0869

phpSysInfo 2.3 allows remote attackers to obtain sensitive information via a direct request to 1 class.OpenBSD.inc.php, 2 class.NetBSD.inc.php, 3 class.FreeBSD.inc.php, 4 class.Darwin.inc.php, 5 XPath.class.php, 6 systemheader.php, or 7 systemfooter.php, which reveal the path in a PHP error messa...

5CVSS6.1AI score0.01409EPSS
Exploits0References3
NVD
NVD
added 2004/12/31 5:0 a.m.12 views

CVE-2004-2196

Zanfi CMS lite 1.1 allows remote attackers to obtain the full path of the web server via direct requests without required arguments to 1 admpages.php, 2 corrpages.php, 3 delblock.php, 4 delpage.php, 5 footer.php, 6 home.php, and others...

5CVSS6.7AI score0.02313EPSS
Exploits1References11
Rows per page
Query Builder