CVE-2011-3750

The CVE-2011-3750 entry describes a information-disclosure vulnerability in kPlaylist 1.8.502. An unauthenticated remote attacker can trigger direct requests to certain PHP files (e.g., getid3/getid3/write.id3v1.php) and receive error messages that reveal the installation path, exposing sensitive...

CVE-2011-3748

CVE-2011-3748 affects Kamads Classifieds 2_B3. An information-disclosure flaw exists where remote attackers can obtain sensitive data by requesting a PHP file directly, causing an error message that reveals the installation path (illustrated by V2A_XHTML/style/view.php and related files). The con...

CVE-2011-3745

CVE-2011-3745 affects HycusCMS 1.0.3. Affected component/file: templates/hycus_template/template.php. The issue is an information disclosure where a direct request to a PHP file reveals the installation path in an error message. No exploitation details are provided in the connected documents. No ...

CVE-2011-3743

The CVE-2011-3743 entry concerns Hesk 2.2 where a remote attacker can obtain sensitive information by directly requesting certain PHP files, causing an error message that reveals the installation path (e.g., inc/footer.inc.php). This is described across multiple sources (NVD/Red Hat/ CVE records)...

CVE-2011-3740

Inffected software: FrontAccounting 2.3.1. The vulnerability arises from an information-disclosure flaw where a direct request to a PHP file (e.g., reporting/includes/fpdi/fpdi2tcpdf_bridge.php) causes an error message that reveals the installation path. This discreetly exposes partial confidenti...

CVE-2011-3737

CVE-2011-3737 affects eyeOS 2.2.0.0 and enables information disclosure by remote users who can trigger a direct request to certain .php files (e.g., apps/rmail/webmail/program/lib/Net/SMTP.php), causing error messages that reveal the installation path. The vulnerability stems from exposing intern...

CVE-2011-3728

CVE-2011-3728 concerns Dolphin 7.0.4, where remote attackers can obtain sensitive information by requesting a specific PHP file. The vulnerability exposes the installation path in an error message, demonstrated by files such as xmlrpc/BxDolXMLRPCProfileView.php. The issue is a information disclos...

CVE-2011-3714

CVE-2011-3714 affects ClanSphere 2010.0. The vulnerability allows remote attackers to obtain sensitive information through a direct request to a .php file (mods/board/attachment.php), causing an error message that reveals the installation path. The provided sources describe this path disclosure, ...

CVE-2011-3700

Vulnerability: CVE-2011-3700 in Advanced Electron Forum (AEF) 1.0.8. Issue: Remote attackers can disclose sensitive information by making a direct request to a PHP file (languages/english/deletetopic_lang.php), causing an error message that reveals the installation path. Impact: Information discl...

CVE-2011-3733

Elgg 1.7.6 is affected by CVE-2011-3733. An information-disclosure flaw allows remote attackers to obtain sensitive data by making a direct request to certain PHP files, which reveals the installation path in an error message (as demonstrated by vendors/simpletest/test/visual_test.php and related...

CVE-2011-3730

CVE-2011-3730 concerns Drupal 7.0, where remote attackers can trigger an information disclosure by requesting a PHP file directly, causing an error message that reveals the installation path. Documentation cites examples such as modules/simpletest/tests/upgrade/drupal-6.upload.database.php and re...

CVE-2011-3720

ConceptCMS 5.3.1 and 5.3.3 (and possibly other versions) are affected by an information-disclosure vulnerability: remote attackers can obtain sensitive info via a direct request to a .php file, with an error message revealing the installation path (e.g., sys_libs/umlib/um_authserver.inc.php). Roo...

CVE-2011-3718

CMS Made Simple (CMSMS) 1.9.2 is affected by CVE-2011-3718. A remote attacker can obtain sensitive information by directly requesting a PHP file (e.g., modules/TinyMCE/TinyMCE.module.php), resulting in an error message that reveals the installation path. The vulnerability is an information-disclo...

CVE-2011-3716

CVE-2011-3716 affects Claroline 1.9.7. The issue allows remote attackers to obtain sensitive information by requesting a .php file directly, which causes an error message to reveal the installation path (e.g., via work/connector/linker.cnr.php and similar files). The available documents do not pr...

CVE-2011-3702

The vulnerability CVE-2011-3702 affects Ananta Gazelle 1.0. Affected software is Ananta Gazelle 1.0; exposure occurs via a direct request to a PHP file (e.g., modules/template.php) that reveals the installation path in an error message. This constitutes an information disclosure vulnerability, al...

CVE-2011-3697

Achievo 1.4.5 is affected by CVE-2011-3697. Affected component: PHP files (e.g., modules/graph/jpgraph/jpgraph_radar.php) that reveal the installation path via an error message when a direct request is made. This is an information-disclosure flaw allowing remote attackers to obtain sensitive path...

CVE-2011-3727

DokuWiki 2009-12-25c allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by lib/tpl/index.php and certain other files...

CVE-2011-3731

e107 0.7.24 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by e107plugins/pdf/e107pdf.php and certain other files...

CVE-2011-3714

ClanSphere 2010.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by mods/board/attachment.php...

CVE-2011-3701

AlegroCart 1.2.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by common.php and certain other files...