Lucene search
K

73 matches found

Cvelist
Cvelist
added 2004/01/15 5:0 a.m.20 views

CVE-2004-0066

phpGedView before 2.65 allows remote attackers to obtain the absolute path of the web server via malformed parameters to 1 indilist.php, 2 famlist.php, 3 placelist.php, 4 imageview.php, 5 timeline.php, 6 clippings.php, 7 login.php, and 8 gdbi.php...

6.7AI score0.01409EPSS
Exploits0References3
CVE
CVE
added 2004/01/15 5:0 a.m.45 views

CVE-2004-0066

phpGedView is affected by CVE-2004-0066 up to version 2.64. The vulnerability allows remote attackers to disclose the web server’s absolute path via malformed parameters to multiple PHP pages (indilist.php, famlist.php, placelist.php, imageview.php, timeline.php, clippings.php, login.php, gdbi.ph...

5CVSS7.1AI score0.01409EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2003/12/31 5:0 a.m.12 views

CVE-2003-1269

AN HTTP 1.41e allows remote attackers to obtain the root web server path via an HTTP request with a long argument to a script, which leaks the path in an error message...

5CVSS6.6AI score0.02078EPSS
Exploits0References3
NVD
NVD
added 2003/12/31 5:0 a.m.6 views

CVE-2003-1242

Sage 1.0 b3 allows remote attackers to obtain the root web server path via a URL request for a non-existent module, which returns the path in an error message...

5CVSS6.6AI score0.06793EPSS
Exploits1References3
NVD
NVD
added 2003/12/31 5:0 a.m.15 views

CVE-2003-1486

Phorum 3.4 through 3.4.2 allows remote attackers to obtain the full path of the web server via an incorrect HTTP request to 1 smileys.php, 2 quicklistrss.php, 3 purge.php, 4 news.php, 5 memberlist.php, 6 forumlistrss.php, 7 forumlistrdf.php, 8 forumlist.php, or 9 move.php, which leaks the...

5CVSS6.4AI score0.01186EPSS
Exploits0References4
NVD
NVD
added 2003/12/31 5:0 a.m.18 views

CVE-2003-1469

The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message...

5CVSS6.5AI score0.06722EPSS
Exploits1References5
NVD
NVD
added 2003/12/31 5:0 a.m.16 views

CVE-2003-1468

The WebLinks module in PHP-Nuke 6.0 through 6.5 final allows remote attackers to obtain the full web server path via an invalid cid parameter that is non-numeric or null, which leaks the pathname in an error message...

4.3CVSS6.7AI score0.02272EPSS
Exploits1References3
NVD
NVD
added 2002/12/31 5:0 a.m.14 views

CVE-2002-2045

xstatadmin.php in x-stat 2.3 and earlier allows remote attackers to 1 execute PHP commands such as phpinfo or 2 obtain the full path of the web server via an invalid action parameter, which leaks the pathname in an error message...

6.4CVSS7.2AI score0.01712EPSS
Exploits1References7
CVE
CVE
added 2002/06/11 4:0 a.m.36 views

CVE-2002-0446

The CVE-2002-0446 entry describes a path disclosure vulnerability in Black Tie Project (BTP) versions 0.4b through 0.5b. Specifically, categorie.php3 exposes the server’s absolute path to remote attackers via an invalid category ID (cid) parameter, leaking the pathname in an error message. Affect...

5CVSS7.1AI score0.02596EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2002/06/11 4:0 a.m.18 views

CVE-2002-0446

categorie.php3 in Black Tie Project BTP 0.4b through 0.5b allows remote attackers to determine the absolute path of the web server via an invalid category ID cid parameter, which leaks the pathname in an error message...

6.7AI score0.02596EPSS
Exploits1References3
Cvelist
Cvelist
added 2000/12/19 5:0 a.m.24 views

CVE-2000-1110

document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program...

6.3AI score0.02685EPSS
Exploits1References2
CVE
CVE
added 2000/02/04 5:0 a.m.59 views

CVE-1999-1006

The OpenVAS entry for CVE-1999-1006 documents a GroupWise Web Interface vulnerability in GWWEB.EXE where manipulating the HELP URL request yields information disclosure, including reading local files on the remote host. This confirms the vulnerability class as an information disclosure via a web ...

5CVSS6.7AI score0.01477EPSS
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 1999/12/20 12:0 a.m.31 views

groupwise.web.txt

Problems found with GroupeWise web server Novell was contacted 3 weeks ago and no reply ----------------------------------------------------------------- 1. The help argument in GWWEB.EXE reveal full web path on the server 2. anyone can read a .htm file on the system with the GWWEB.EXE and the HE...

7.4AI score
Exploits0
Rows per page
Query Builder