3857 matches found
CVE-2011-3824
The CVE-2011-3824 issue affects Your Own URL Shortener (YOURLS) 1.5, where a direct request to a PHP file can disclose installation path information via an error message (e.g., includes/auth.php and similar files). Root cause: error disclosure leaking path details through PHP error handling. Impa...
CVE-2011-3823
CVE-2011-3823 affects Yamamah 1.0. A vulnerable behavior allows remote attackers to obtain sensitive information by requesting a .php file directly, causing an error message that reveals the installation path (e.g., themes/default/index.php and similar files). The underlying root cause is an info...
CVE-2011-3822
CVE-2011-3822 affects XOOPS 2.5.0. The vulnerability is an information disclosure where a direct request to a .php file (e.g., modules/system/xoops_version.php) can reveal the installation path in an error message. The issue is documented across multiple sources (NVD, Red Hat, OpenVAS, etc.) with...
CVE-2011-3821
CVE-2011-3821 affects xajax 0.6 beta1. A direct request to a vulnerable PHP file (e.g., xajax_core/plugin_layer/xajaxScriptPlugin.inc.php and related files) may disclose the installation path via an error message. The provided documents confirm the information-disclosure impact but do not describ...
CVE-2011-3806
TCExam 11.1.015 is affected by an information-disclosure vulnerability: a remote attacker can trigger an error in a direct request to a PHP file (e.g., public/code/tce_page_footer.php) and obtain the installation path. This is documented across multiple sources (NVD/Red Hat/CVEs) and is described...
CVE-2011-3800
The CVE-2011-3800 entry applies to Serendipity 1.5.5. The vulnerability causes information disclosure: a remote attacker can trigger a direct request to a .php file and receive an error message that reveals the installation path (examples include templates/newspaper/layout.php and related files)....
CVE-2011-3798
Mode C: The CVE-2011-3798 entry concerns Rapid Leech 2.3-v42-svn322. The vulnerability allows remote attackers to disclose sensitive information by requesting a specific PHP file directly, causing an error message to reveal the installation path (illustrated by files such as classes/pear.php). Th...
CVE-2011-3795
CVE-2011-3795 affects Podcast Generator 1.3. Remote attackers can obtain sensitive information by directly requesting a PHP file, which leaks the installation path via an error message (as shown in core/themes.php and related files). Public sources (NVD, Red Hat advisories) describe this as an in...
CVE-2011-3790
CVE-2011-3790 affects Piwigo 2.1.5. The vulnerability allows remote attackers to disclose the installation path by requesting a PHP file (e.g., tools/metadata.php) and triggering an error message. Documents consistently describe information disclosure as the impact; no specific exploit details or...
CVE-2011-3783
phpMyFAQ 2.6.13 is affected by an information-disclosure vulnerability: remote attackers can obtain the installation path by requesting a PHP file directly, which outputs an error message revealing paths (e.g., lang/language_uk.php). The vulnerability is described in multiple sources; no fix/vers...
CVE-2011-3781
CVE-2011-3781 affects PHPIDS 0.6.5, where remote attackers can disclose sensitive information by requesting a PHP file directly, causing an error message that reveals the installation path. The vulnerability is categorized as Information Disclosure (CVSS v2 base score 5.0, Medium). Multiple sourc...
CVE-2011-3777
CVE-2011-3777 affects phpFreeChat 1.3. The vulnerability allows remote attackers to disclose sensitive information by directly requesting a .php file, causing an error message that reveals the installation path (e.g., themes/zilveer/style.css.php and related files). The reports do not provide exp...
CVE-2011-3762
OpenBlog 1.2.1 is affected by an information disclosure vulnerability where remote attackers can obtain sensitive data by requesting a PHP file directly; the error message reveals the installation path (e.g., via system/scaffolding/views/view.php). The issue corresponds to a partial confidentiali...
CVE-2011-3794
Pligg CMS 1.1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by widgets/statistics/init.php and certain other files...
CVE-2011-3813
Virtual War aka VWar 1.5.0r15 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/language/dutch.inc.php and certain other files...
CVE-2011-3799
ReOS 2.0.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by padmin/blocks/vergal.php and certain other files...
CVE-2011-3761
NuSOAP 0.9.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by nuSOAP/classes/class.wsdl.php and certain other files...
CVE-2011-3819
WoW Server Status 4.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by status.php and certain other files...
CVE-2011-3815
WeBid 1.0.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by js/calendar.php and certain other files...
CVE-2011-3762
OpenBlog 1.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files...