3856 matches found
CVE-2011-3769
PHPads 2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by ads.inc.php...
CVE-2011-3760
Nucleus 3.61 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xmlrpc/apinucleus.inc.php and certain other files...
CVE-2011-3775
PHPfileNavigator 2.3.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xestion/varios/logs.inc.php and certain other files...
CVE-2011-3778
PhpGedView 4.2.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by serviceClientTest.php and certain other files...
CVE-2011-3799
ReOS 2.0.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by padmin/blocks/vergal.php and certain other files...
CVE-2011-3768
CVE-2011-3768 concerns Phorum 5.2.15a. The vulnerability is an information disclosure where remote attackers can obtain the installation path by making a direct request to a PHP file, with the path exposed in an error message (e.g., via css.php and related files). The connected documents confirm ...
CVE-2011-3765
Open-Realty 2.5.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by install/versions/upgrade115.inc.php and certain other files...
CVE-2011-3815
WeBid 1.0.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by js/calendar.php and certain other files...
CVE-2011-3819
WoW Server Status 4.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by status.php and certain other files...
CVE-2011-3791
Piwik 1.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/Widgetize/Widgetize.php and certain other files...
CVE-2011-3762
OpenBlog 1.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files...
CVE-2011-3825
Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Validate.php and certain other files...
CVE-2011-3794
Pligg CMS 1.1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by widgets/statistics/init.php and certain other files...
CVE-2011-3813
Virtual War aka VWar 1.5.0r15 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/language/dutch.inc.php and certain other files...
CVE-2011-3826
CVE-2011-3826 affects Zikula 1.2.4. An information-disclosure flaw allows remote attackers to obtain sensitive data by directly requesting a PHP file, causing an error message that reveals the installation path (demonstrated by themes/voodoodolly/version.php and other files). The NVD metrics indi...
CVE-2011-3823
CVE-2011-3823 affects Yamamah 1.0. A vulnerable behavior allows remote attackers to obtain sensitive information by requesting a .php file directly, causing an error message that reveals the installation path (e.g., themes/default/index.php and similar files). The underlying root cause is an info...
CVE-2011-3821
CVE-2011-3821 affects xajax 0.6 beta1. A direct request to a vulnerable PHP file (e.g., xajax_core/plugin_layer/xajaxScriptPlugin.inc.php and related files) may disclose the installation path via an error message. The provided documents confirm the information-disclosure impact but do not describ...
CVE-2011-3824
The CVE-2011-3824 issue affects Your Own URL Shortener (YOURLS) 1.5, where a direct request to a PHP file can disclose installation path information via an error message (e.g., includes/auth.php and similar files). Root cause: error disclosure leaking path details through PHP error handling. Impa...
CVE-2011-3822
CVE-2011-3822 affects XOOPS 2.5.0. The vulnerability is an information disclosure where a direct request to a .php file (e.g., modules/system/xoops_version.php) can reveal the installation path in an error message. The issue is documented across multiple sources (NVD, Red Hat, OpenVAS, etc.) with...
CVE-2011-3812
CVE-2011-3812 affects Vanilla CMS 2.0.16, where a remote attacker can trigger an error message from direct requests to PHP files (notably plugins/Minify/min/utils.php) to reveal the installation path. The documents do not specify a confirmed patch or workaround; remediation details are not provid...