2 matches found
CVE-2005-0310
Exponent 0.95 allows remote attackers to obtain sensitive information via a direct HTTP request to 1 search.info.php, 2 permissions.info.php, 3 security.info.php, 4 formcontrol.php, or 5 filemodules.php, which reveals the path in an error message because the pathoscoreversion variable is undefine...
CVE-2005-0310
CVE-2005-0310 affects Exponent CMS. The vulnerability is a path disclosure caused by an undefined pathos_core_version variable, leading to leakage of installation paths via direct HTTP requests to /search.info.php, /permissions.info.php, /security.info.php, /formcontrol.php, and /file_modules.php...