178 matches found
CVE-2005-0880
content.php in Vortex Portal allows remote attackers to obtain sensitive information via an invalid act parameter, which leaks the full pathname in a PHP error message...
CVE-2005-1028
PHP-Nuke 6.x through 7.6 allows remote attackers to obtain sensitive information via a direct request to 1 index.php with the forumadmin parameter set, 2 the Surveys module, or 3 the YourAccount module, which reveals the path in a PHP error message...
CVE-2001-1437
Technical details about CVE-2001-1437 are not publicly available in the provided documents; monitor for updates.
CVE-2005-1144
popup.php in EasyPHPCalendar before 6.2.8 allows remote attackers to obtain sensitive information via an invalid ev parameter, which reveals the full pathname of the web server in a PHP error message...
CVE-2005-1050
CVE-2005-1050 affects PostNuke 0.760-RC3 in the Reviews module’s modload op. The vulnerability allows remote attackers to disclose sensitive information by supplying an invalid id parameter, causing a PHP error message that reveals the path. The NVD entry rates impact as Partial Confidentiality w...
CVE-2005-1144
popup.php in EasyPHPCalendar before 6.2.8 allows remote attackers to obtain sensitive information via an invalid ev parameter, which reveals the full pathname of the web server in a PHP error message...
CVE-2005-1050
The modload op in the Reviews module for PostNuke 0.760-RC3 allows remote attackers to obtain sensitive information via an invalid id parameter, which reveals the path in a PHP error message...
CVE-2005-1033
CVE-2005-1033 (CubeCart
CVE-2005-1033
CubeCart 2.0.6 allows remote attackers to obtain sensitive information via an invalid 1 language parameter to index.php, 2 PHPSESSID parameter to index.php, 3 product parameter to tellafriend.php, 4 add parameter to viewcart.php, or 5 product parameter to viewproduct.php, which reveals the path i...
CVE-2005-1028
PHP-Nuke 6.x through 7.6 allows remote attackers to obtain sensitive information via a direct request to 1 index.php with the forumadmin parameter set, 2 the Surveys module, or 3 the YourAccount module, which reveals the path in a PHP error message...
CVE-2005-0880
CVE-2005-0880 affects the Vortex Portal’s content.php. An invalid act parameter allows remote attackers to obtain sensitive information by causing a PHP error message that leaks the full pathname. The CVSS data indicates attack vector: network; authentication: none; access: partial confidentialit...
CVE-2005-0869
phpSysInfo 2.3 allows remote attackers to obtain sensitive information via a direct request to 1 class.OpenBSD.inc.php, 2 class.NetBSD.inc.php, 3 class.FreeBSD.inc.php, 4 class.Darwin.inc.php, 5 XPath.class.php, 6 systemheader.php, or 7 systemfooter.php, which reveal the path in a PHP error messa...
CVE-2005-0880
content.php in Vortex Portal allows remote attackers to obtain sensitive information via an invalid act parameter, which leaks the full pathname in a PHP error message...
CVE-2005-0827
Viewcat.php in 1 RUNCMS 1.1A, 2 Ciamos 0.9.2 RC1, e-Xoops 1.05 Rev3, and possibly other products based on e-Xoops exoops, allow remote attackers to obtain sensitive information via an invalid parameter to the convertorderbytrans function, which reveals the path in a PHP error message...
CVE-2005-0722
eXPerience2 allows remote attackers to obtain the full path for the web root via a direct request to modules.php without any parameters, which leaks the path in a PHP error message...
CVE-2005-0655
auraCMS 1.5 allows remote attackers to obtain sensitive information via an HTTP request with an invalid id parameter to 1 teman.php, 2 hal.php, or 3 arsip.php, which reveals the path in a PHP error message...
CVE-2005-0722
eXPerience2 allows remote attackers to obtain the full path for the web root via a direct request to modules.php without any parameters, which leaks the path in a PHP error message...
CVE-2005-0655
The vulnerability CVE-2005-0655 affects auraCMS 1.5. An attacker can trigger an information disclosure by issuing an HTTP request with an invalid id parameter to one of three PHP endpoints (teman.php, hal.php, arsip.php), causing a PHP error message that reveals the file path. The NVD page report...
CVE-2005-0607
CubeCart 2.0.0 through 2.0.5 allows remote attackers to determine the full path of the server via direct calls without parameters to 1 information.php, 2 language.php, 3 listdocs.php, 4 popularprod.php, 5 sale.php, 6 subfooter.inc.php, 7 subheader.inc.php, 8 catnavi.php, or 9 checksum.php, which...
CVE-2004-1736
Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to 1 auth.php, 2 authlogin.php, 3 authchangepassword.php, and possibly other php files, which reveal the installation path in a PHP error message...