3856 matches found
CVE-2011-3781
CVE-2011-3781 affects PHPIDS 0.6.5, where remote attackers can disclose sensitive information by requesting a PHP file directly, causing an error message that reveals the installation path. The vulnerability is categorized as Information Disclosure (CVSS v2 base score 5.0, Medium). Multiple sourc...
CVE-2011-3777
CVE-2011-3777 affects phpFreeChat 1.3. The vulnerability allows remote attackers to disclose sensitive information by directly requesting a .php file, causing an error message that reveals the installation path (e.g., themes/zilveer/style.css.php and related files). The reports do not provide exp...
CVE-2011-3806
TCExam 11.1.015 is affected by an information-disclosure vulnerability: a remote attacker can trigger an error in a direct request to a PHP file (e.g., public/code/tce_page_footer.php) and obtain the installation path. This is documented across multiple sources (NVD/Red Hat/CVEs) and is described...
CVE-2011-3800
The CVE-2011-3800 entry applies to Serendipity 1.5.5. The vulnerability causes information disclosure: a remote attacker can trigger a direct request to a .php file and receive an error message that reveals the installation path (examples include templates/newspaper/layout.php and related files)....
CVE-2011-3798
Mode C: The CVE-2011-3798 entry concerns Rapid Leech 2.3-v42-svn322. The vulnerability allows remote attackers to disclose sensitive information by requesting a specific PHP file directly, causing an error message to reveal the installation path (illustrated by files such as classes/pear.php). Th...
CVE-2011-3795
CVE-2011-3795 affects Podcast Generator 1.3. Remote attackers can obtain sensitive information by directly requesting a PHP file, which leaks the installation path via an error message (as shown in core/themes.php and related files). Public sources (NVD, Red Hat advisories) describe this as an in...
CVE-2011-3791
CVE-2011-3791 affects Piwik 1.1 and enables information disclosure through direct requests to PHP files (e.g., plugins/Widgetize/Widgetize.php), revealing installation paths in error messages. Root cause: error output leaks path information. Impact: partial confidentiality loss via remote access;...
CVE-2011-3783
phpMyFAQ 2.6.13 is affected by an information-disclosure vulnerability: remote attackers can obtain the installation path by requesting a PHP file directly, which outputs an error message revealing paths (e.g., lang/language_uk.php). The vulnerability is described in multiple sources; no fix/vers...
CVE-2011-3762
OpenBlog 1.2.1 is affected by an information disclosure vulnerability where remote attackers can obtain sensitive data by requesting a PHP file directly; the error message reveals the installation path (e.g., via system/scaffolding/views/view.php). The issue corresponds to a partial confidentiali...
CVE-2011-3813
Virtual War aka VWar 1.5.0r15 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/language/dutch.inc.php and certain other files...
CVE-2011-3779
PhpHostBot 2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/createacct.php and certain other files...
CVE-2011-3752
LimeSurvey 1.90+ build9642-20101214 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/statistics.php and certain other files...
CVE-2011-3753
LinPHA 1.3.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by viewer.php and certain other files...
CVE-2011-3757
Moodle 2.0.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by webservice/xmlrpc/locallib.php and certain other files...
CVE-2011-3754
Mambo 4.6.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/sef.php and certain other files...
CVE-2011-3739
Freeway 1.5 Alpha allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/Freeway/boxes/lastproduct.php and certain other files...
CVE-2011-3746
Jcow 4.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/default/page.tpl.php and certain other files...
CVE-2011-3728
Dolphin 7.0.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xmlrpc/BxDolXMLRPCProfileView.php and certain other files...
CVE-2011-3743
Hesk 2.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by inc/footer.inc.php and certain other files...
CVE-2011-3732
eggBlog 4.1.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by lib/fckeditor/editor/dialog/fckspellerpages/spellerpages/server-scripts/spellchecker.php and certain other files...