CVE-2011-3784

Francisco Burzi PHP-Nuke 8.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/Odyssey/theme.php and certain other files...

CVE-2011-3800

Serendipity 1.5.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/newspaper/layout.php and certain other files...

CVE-2011-3802

StatusNet 0.9.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tpl/index.php and certain other files...

CVE-2011-3807

Textpattern 4.2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by lib/txplibdb.php and certain other files...

CVE-2011-3812

Vanilla 2.0.16 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/Minify/min/utils.php and certain other files...

CVE-2011-3822

XOOPS 2.5.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/system/xoopsversion.php and certain other files...

CVE-2011-3787

phpScheduleIt 1.2.12 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/schedule.template.php and certain other files...

CVE-2011-3760

Nucleus 3.61 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xmlrpc/apinucleus.inc.php and certain other files...

CVE-2011-3824

The CVE-2011-3824 issue affects Your Own URL Shortener (YOURLS) 1.5, where a direct request to a PHP file can disclose installation path information via an error message (e.g., includes/auth.php and similar files). Root cause: error disclosure leaking path details through PHP error handling. Impa...

CVE-2011-3786

PHProjekt 6.0.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Setup/Controllers/IndexController.php...

CVE-2011-3768

CVE-2011-3768 concerns Phorum 5.2.15a. The vulnerability is an information disclosure where remote attackers can obtain the installation path by making a direct request to a PHP file, with the path exposed in an error message (e.g., via css.php and related files). The connected documents confirm ...

CVE-2011-3791

Piwik 1.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/Widgetize/Widgetize.php and certain other files...

CVE-2011-3794

Pligg CMS 1.1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by widgets/statistics/init.php and certain other files...

CVE-2011-3822

CVE-2011-3822 affects XOOPS 2.5.0. The vulnerability is an information disclosure where a direct request to a .php file (e.g., modules/system/xoops_version.php) can reveal the installation path in an error message. The issue is documented across multiple sources (NVD, Red Hat, OpenVAS, etc.) with...

CVE-2011-3815

WeBid 1.0.0 is affected by an information-disclosure vulnerability: an unauthorized remote user can trigger an error page from certain PHP files (e.g., js/calendar.php) that reveals the installation path. Affects components handling direct PHP requests; underlying cause is improper error handling...

CVE-2011-3806

TCExam 11.1.015 is affected by an information-disclosure vulnerability: a remote attacker can trigger an error in a direct request to a PHP file (e.g., public/code/tce_page_footer.php) and obtain the installation path. This is documented across multiple sources (NVD/Red Hat/CVEs) and is described...

CVE-2011-3801

CVE-2011-3801 affects SimpleTest 1.0.1 and allows remote attackers to disclose the installation path by requesting certain PHP files (e.g., test/visual_test.php), causing an error message. Impact is partial confidentiality, with no provided evidence of exploitation details in the connected docume...

CVE-2011-3798

Mode C: The CVE-2011-3798 entry concerns Rapid Leech 2.3-v42-svn322. The vulnerability allows remote attackers to disclose sensitive information by requesting a specific PHP file directly, causing an error message to reveal the installation path (illustrated by files such as classes/pear.php). Th...

CVE-2011-3793

Pixie 1.04 is affected by an information-disclosure vulnerability where remote attackers can obtain sensitive data by requesting a PHP file directly, causing an error message that reveals the installation path (e.g., admin/modules/static.php). ThisSummary is supported by multiple sources (NVD, Re...

CVE-2011-3783

phpMyFAQ 2.6.13 is affected by an information-disclosure vulnerability: remote attackers can obtain the installation path by requesting a PHP file directly, which outputs an error message revealing paths (e.g., lang/language_uk.php). The vulnerability is described in multiple sources; no fix/vers...