Lucene search
K

3858 matches found

Prion
Prion
added 2011/09/23 11:55 p.m.11 views

Information disclosure

MicroBlog 0.9.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by init.php and certain other files...

5CVSS6.7AI score0.01335EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2011/09/23 11:55 p.m.12 views

Information disclosure

Arctic Fox CMS 0.9.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by acp/includes/edit.inc.php and certain other files...

5CVSS6.7AI score0.01335EPSS
Exploits1References3Affected Software1
UbuntuCve
UbuntuCve
added 2011/09/23 11:55 p.m.19 views

CVE-2011-3740

FrontAccounting 2.3.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by reporting/includes/fpdi/fpdi2tcpdfbridge.php and certain other files...

5CVSS5.9AI score0.01372EPSS
Exploits1References1
Prion
Prion
added 2011/09/23 11:55 p.m.11 views

Information disclosure

HelpCenter Live 2.1.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/HelpCenter/index.php and certain other files...

5CVSS6.7AI score0.01335EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2011/09/23 11:55 p.m.2 views

UBUNTU-CVE-2011-3744

HTML Purifier 4.2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tests/PHPT/Reporter/SimpleTest.php and certain other files...

5CVSS5.8AI score0.01372EPSS
Exploits1References2
OSV
OSV
added 2011/09/23 11:55 p.m.2 views

UBUNTU-CVE-2011-3740

FrontAccounting 2.3.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by reporting/includes/fpdi/fpdi2tcpdfbridge.php and certain other files...

5CVSS5.8AI score0.01372EPSS
Exploits1References2
Prion
Prion
added 2011/09/23 11:55 p.m.14 views

Design/Logic Flaw

ClanSphere 2010.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by mods/board/attachment.php...

5CVSS6.6AI score0.01335EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2011/09/23 11:55 p.m.9 views

UBUNTU-CVE-2011-3699

John Lim ADOdb Library for PHP 5.11 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tests/test-active-record.php and certain other files...

5CVSS5.8AI score0.01373EPSS
Exploits1References2
Cvelist
Cvelist
added 2011/09/23 11:0 p.m.17 views

CVE-2011-3702

Ananta Gazelle 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/template.php and certain other files...

6.2AI score0.01335EPSS
Exploits1References3
Cvelist
Cvelist
added 2011/09/23 11:0 p.m.22 views

CVE-2011-3720

conceptcms 5.3.1, 5.3.3, and possibly other versions allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by syslibs/umlib/umauthserver.inc.php and certain other files...

6.2AI score0.0135EPSS
Exploits1References4
Cvelist
Cvelist
added 2011/09/23 11:0 p.m.21 views

CVE-2011-3718

CMS Made Simple CMSMS 1.9.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/TinyMCE/TinyMCE.module.php and certain other files. NOTE: this might overlap CVE-2007-5444...

6AI score0.01336EPSS
Exploits1References3
Cvelist
Cvelist
added 2011/09/23 11:0 p.m.23 views

CVE-2011-3701

AlegroCart 1.2.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by common.php and certain other files...

6.1AI score0.01335EPSS
Exploits1References3
Cvelist
Cvelist
added 2011/09/23 11:0 p.m.22 views

CVE-2011-3753

LinPHA 1.3.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by viewer.php and certain other files...

6.1AI score0.01335EPSS
Exploits1References3
Cvelist
Cvelist
added 2011/09/23 11:0 p.m.15 views

CVE-2011-3714

ClanSphere 2010.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by mods/board/attachment.php...

6.1AI score0.01335EPSS
Exploits1References3
Cvelist
Cvelist
added 2011/09/23 11:0 p.m.17 views

CVE-2011-3706

ATutor 2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by users/toolsettings.inc.php and certain other files...

6.1AI score0.01335EPSS
Exploits1References3
Cvelist
Cvelist
added 2011/09/23 11:0 p.m.30 views

CVE-2011-3744

HTML Purifier 4.2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tests/PHPT/Reporter/SimpleTest.php and certain other files...

6AI score0.01372EPSS
Exploits1References3
Cvelist
Cvelist
added 2011/09/23 11:0 p.m.18 views

CVE-2011-3742

HelpCenter Live 2.1.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/HelpCenter/index.php and certain other files...

6.1AI score0.01335EPSS
Exploits1References3
Cvelist
Cvelist
added 2011/09/23 11:0 p.m.26 views

CVE-2011-3759

MyBB aka MyBulletinBoard 1.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by inc/3rdparty/diff/Diff/ThreeWay.php and certain other files...

6.1AI score0.01335EPSS
Exploits1References3
CVE
CVE
added 2011/09/23 11:0 p.m.41 views

CVE-2011-3700

Vulnerability: CVE-2011-3700 in Advanced Electron Forum (AEF) 1.0.8. Issue: Remote attackers can disclose sensitive information by making a direct request to a PHP file (languages/english/deletetopic_lang.php), causing an error message that reveals the installation path. Impact: Information discl...

5CVSS6.3AI score0.01335EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2011/09/23 11:0 p.m.17 views

CVE-2011-3732

eggBlog 4.1.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by lib/fckeditor/editor/dialog/fckspellerpages/spellerpages/server-scripts/spellchecker.php and certain other files...

6.1AI score0.01335EPSS
Exploits1References3
Rows per page
Query Builder