CVE-2005-0880

CVE-2005-0880 affects the Vortex Portal’s content.php. An invalid act parameter allows remote attackers to obtain sensitive information by causing a PHP error message that leaks the full pathname. The CVSS data indicates attack vector: network; authentication: none; access: partial confidentialit...

CVE-2005-0827

Viewcat.php in 1 RUNCMS 1.1A, 2 Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops exoops, allow remote attackers to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a PHP error message...

CVE-2005-0722

eXPerience2 allows remote attackers to obtain the full path for the web root via a direct request to modules.php without any parameters, which leaks the path in a PHP error message...

CVE-2005-0722

eXPerience2 allows remote attackers to obtain the full path for the web root via a direct request to modules.php without any parameters, which leaks the path in a PHP error message...

CVE-2005-0655

The vulnerability CVE-2005-0655 affects auraCMS 1.5. An attacker can trigger an information disclosure by issuing an HTTP request with an invalid id parameter to one of three PHP endpoints (teman.php, hal.php, arsip.php), causing a PHP error message that reveals the file path. The NVD page report...

CVE-2004-1736

CVE-2004-1736 affects Cacti 0.8.5a. The issue allows remote attackers to obtain the installation path via HTTP requests to (1) auth.php, (2) auth_login.php, (3) auth_changepassword.php, and potentially other PHP files, causing information disclosure of the installed framework. The root cause is e...

CVE-2004-1662

YaBB SE 1.5.1 allows remote attackers to obtain sensitive information via a direct HTTP request to Admin.php, which reveals the full path in a PHP error message...

CVE-2004-1581

BlackBoard 1.5.1 allows remote attackers to gain sensitive information via a direct request to 1 checkdb.inc.php, 2 admin.inc.php or 3 cp.inc.php, which reveals the path in a PHP error message...

CVE-2004-1579

index.php in CubeCart 2.0.1 allows remote attackers to gain sensitive information via an HTTP request with an invalid catid parameter, which reveals the full path in a PHP error message...

CVE-2004-1736

Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to 1 auth.php, 2 authlogin.php, 3 authchangepassword.php, and possibly other php files, which reveal the installation path in a PHP error message...

CVE-2004-2019

The WebLinks module in Php-Nuke 6.x through 7.3 allows remote attackers to obtain sensitive information via an invalid show parameter, which displays the full path in a PHP error message...

CVE-2003-1089

index.php for Zorum 3.4 allows remote attackers to determine the full path of the web root via invalid parameter names, which reveals the path in a PHP error message...