CVE-2011-3728

CVE-2011-3728 concerns Dolphin 7.0.4, where remote attackers can obtain sensitive information by requesting a specific PHP file. The vulnerability exposes the installation path in an error message, demonstrated by files such as xmlrpc/BxDolXMLRPCProfileView.php. The issue is a information disclos...

CVE-2011-3732

eggBlog 4.1.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by lib/fckeditor/editor/dialog/fckspellerpages/spellerpages/server-scripts/spellchecker.php and certain other files...

CVE-2011-3695

CVE-2011-3695 affects 111WebCalendar 1.2.3, where an attacker can disclose installation path information by directly requesting a PHP file, causing an error message (as shown by footer.php and related files). The root cause is improper disclosure through error output when accessing certain PHP fi...

CVE-2011-3731

e107 0.7.24 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by e107plugins/pdf/e107pdf.php and certain other files...

CVE-2011-3740

Inffected software: FrontAccounting 2.3.1. The vulnerability arises from an information-disclosure flaw where a direct request to a PHP file (e.g., reporting/includes/fpdi/fpdi2tcpdf_bridge.php) causes an error message that reveals the installation path. This discreetly exposes partial confidenti...

CVE-2011-3716

CVE-2011-3716 affects Claroline 1.9.7. The issue allows remote attackers to obtain sensitive information by requesting a .php file directly, which causes an error message to reveal the installation path (e.g., via work/connector/linker.cnr.php and similar files). The available documents do not pr...

CVE-2011-3743

The CVE-2011-3743 entry concerns Hesk 2.2 where a remote attacker can obtain sensitive information by directly requesting certain PHP files, causing an error message that reveals the installation path (e.g., inc/footer.inc.php). This is described across multiple sources (NVD/Red Hat/ CVE records)...

CVE-2011-3730

CVE-2011-3730 concerns Drupal 7.0, where remote attackers can trigger an information disclosure by requesting a PHP file directly, causing an error message that reveals the installation path. Documentation cites examples such as modules/simpletest/tests/upgrade/drupal-6.upload.database.php and re...

CVE-2011-3718

CMS Made Simple (CMSMS) 1.9.2 is affected by CVE-2011-3718. A remote attacker can obtain sensitive information by directly requesting a PHP file (e.g., modules/TinyMCE/TinyMCE.module.php), resulting in an error message that reveals the installation path. The vulnerability is an information-disclo...

CVE-2011-3714

CVE-2011-3714 affects ClanSphere 2010.0. The vulnerability allows remote attackers to obtain sensitive information through a direct request to a .php file (mods/board/attachment.php), causing an error message that reveals the installation path. The provided sources describe this path disclosure, ...

CVE-2011-3702

Ananta Gazelle 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/template.php and certain other files...

CVE-2011-3759

MyBB aka MyBulletinBoard 1.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by inc/3rdparty/diff/Diff/ThreeWay.php and certain other files...

CVE-2011-3748

CVE-2011-3748 affects Kamads Classifieds 2_B3. An information-disclosure flaw exists where remote attackers can obtain sensitive data by requesting a PHP file directly, causing an error message that reveals the installation path (illustrated by V2A_XHTML/style/view.php and related files). The con...

CVE-2011-3704

appRain 0.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by cron.php...

CVE-2011-3742

HelpCenter Live 2.1.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/HelpCenter/index.php and certain other files...

CVE-2011-3697

Achievo 1.4.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/graph/jpgraph/jpgraphradar.php and certain other files...

CVE-2011-3741

CVE-2011-3741 affects Ganglia 3.1.7 and allows remote attackers to disclose sensitive information by requesting certain .php files (e.g., host_view.php), causing error messages that reveal the installation path. The vulnerability is a file-path disclosure via direct access to PHP scripts. The pro...

CVE-2011-3719

CodeIgniter 1.7.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files...

CVE-2011-3758

CVE-2011-3758 affects the package “::mound::” version 2.1.6 . A remote attacker can obtain sensitive information by directly requesting a PHP file, causing an error message that reveals the installation path (e.g., lib/smarty/libs/sysplugins/smarty_internal_template.php and related files). The pr...

CVE-2011-3736

ExoPHPDesk 1.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by upgrades/upgrade9.php and certain other files...