6 matches found
EUVD-2002-0212
Malware in sbrugna...
Design/Logic Flaw
fantastico in Cpanel does not properly handle when it has insufficient permissions to perform certain file operations, which allows remote authenticated users to obtain the full pathname, which is leaked in a PHP error message...
CVE-2006-1119
fantastico in Cpanel does not properly handle when it has insufficient permissions to perform certain file operations, which allows remote authenticated users to obtain the full pathname, which is leaked in a PHP error message...
CVE-2005-0998
The WebLinks module for PHP-Nuke 7.6 allows remote attackers to obtain sensitive information via an invalid show parameter, which triggers a division by zero PHP error that leaks the full pathname of the server...
CVE-2003-0456
CVE-2003-0456 concerns VisNetic WebSite 3.5 where a remote attacker can reveal the server’s full pathname via an error message triggered by a request for a non-existent folder (e.g., using _vti_bin/fpcount.exe). This is a path-disclosure vulnerability that exposes sensitive filesystem information...
CVE-2002-0654
CVE-2002-0654 affects Apache HTTP Server 2.0.x (up to 2.0.39) on Windows, OS/2 and NetWare. The vulnerability allows remote attackers to disclose the server’s full path by triggering errors from (1) a request for a .var file or (2) a failure when invoking a CGI child process, causing error messag...