153 matches found
PT-2005-4445 · Xmb · Xmb
Name of the Vulnerable Software and Affected Versions: XMB version 1.9.2 Description: The issue allows remote attackers to obtain the installation path. This is achieved by providing an invalid fid parameter in a newthread action to the post.php file. Recommendations: For XMB version 1.9.2,...
CVE-2004-2518
Gattaca Server 2003 1.1.10.0 allows remote attackers to obtain sensitive information via 1 a trailing null byte "%00" to a URL or 2 an invalid LANGUAGE parameter to web.tmpl, which reveals the full installation path in an error message...
CVE-2005-1497
index.php in myBloggie 2.1.1 allows remote attackers to obtain sensitive information via an invalid postid parameter, which reveals the path in an error message...
CVE-2004-2019
The WebLinks module in Php-Nuke 6.x through 7.3 allows remote attackers to obtain sensitive information via an invalid show parameter, which displays the full path in a PHP error message...
CVE-2005-0326
pafiledb.php in PaFileDB 3.1 allows remote attackers to gain sensitive information via an invalid or missing action parameter, which reveals the path in an error message when it cannot include a login.php script...
CVE-2005-1144
popup.php in EasyPHPCalendar before 6.2.8 allows remote attackers to obtain sensitive information via an invalid ev parameter, which reveals the full pathname of the web server in a PHP error message...
CVE-2005-1144
popup.php in EasyPHPCalendar before 6.2.8 allows remote attackers to obtain sensitive information via an invalid ev parameter, which reveals the full pathname of the web server in a PHP error message...
CVE-2005-0827
Viewcat.php in 1 RUNCMS 1.1A, 2 Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops exoops, allow remote attackers to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a PHP error message...
PT-2005-1856 · Php · Php
Name of the Vulnerable Software and Affected Versions: RUNCMS version 1.1A Ciamos version 0.9.2 RC1 e-Xoops version 1.05 Rev3 Description: The issue allows remote attackers to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a PH...
CVE-2004-2019
The WebLinks module in Php-Nuke 6.x through 7.3 allows remote attackers to obtain sensitive information via an invalid show parameter, which displays the full path in a PHP error message...
CVE-2004-0665
CVE-2004-0665 affects csFAQ.cgi in csFAQ. An invalid database parameter can cause an error message that reveals the web server’s path, enabling information disclosure. The NVD entry lists a remote, unauthenticated exposure with network access, low attack complexity, and partial confidentiality im...
Sybase ASE DoS
Server DoS during user logon with invalid 'remote password array' parameter...
Mambo Site Server 4.0.11 - Full Path Disclosure
source: https://www.securityfocus.com/bid/6387/info A vulnerability has been discovered in Mambo Site Server. Requesting the 'index.php' script with an invalid parameter will cause an error page to be generated containing the path of the Mambo script. Information obtained by exploiting this issue...