CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

178 matches found

CVE•added 2005/02/26 5:0 a.m.•48 views

CVE-2004-1736

CVE-2004-1736 affects Cacti 0.8.5a. The issue allows remote attackers to obtain the installation path via HTTP requests to (1) auth.php, (2) auth_login.php, (3) auth_changepassword.php, and potentially other PHP files, causing information disclosure of the installed framework. The root cause is e...

5CVSS6.7AI score0.00477EPSS

Exploits1References4Affected Software1

Debian CVE•added 2005/02/24 5:0 a.m.•21 views

CVE-2005-0544

phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to 1 sqlvalidator.lib.php, 2 sqlparser.lib.php, 3 selecttheme.lib.php, 4 selectlang.lib.php, 5 relationcleanup.lib.php, 6 headermetastyle.inc.php, 7 getforeign.lib.php, 8 displaytbllinks.lib.php, 9...

5CVSS6.3AI score0.00501EPSS

Exploits0

Cvelist•added 2005/02/24 5:0 a.m.•20 views

CVE-2005-0544

6.3AI score0.00501EPSS

Exploits0References3

Cvelist•added 2005/02/20 5:0 a.m.•10 views

CVE-2004-1662

YaBB SE 1.5.1 allows remote attackers to obtain sensitive information via a direct HTTP request to Admin.php, which reveals the full path in a PHP error message...

6.1AI score0.00462EPSS

Exploits1References3

Cvelist•added 2005/02/20 5:0 a.m.•12 views

CVE-2004-1581

BlackBoard 1.5.1 allows remote attackers to gain sensitive information via a direct request to 1 checkdb.inc.php, 2 admin.inc.php or 3 cp.inc.php, which reveals the path in a PHP error message...

6.6AI score0.00346EPSS

Exploits0References2

Cvelist•added 2005/02/15 5:0 a.m.•11 views

CVE-2005-0433

Php-Nuke 7.5 allows remote attackers to determine the full path of the web server via invalid or missing arguments to 1 db.php, 2 mainfile.php, 3 Downloads/index.php, or 4 WebLinks/index.php, which lists the path in a PHP error message...

6.8AI score0.00032EPSS

Exploits1References3

NVD•added 2005/02/15 5:0 a.m.•11 views

CVE-2005-0433

5CVSS6.8AI score0.00032EPSS

Exploits1References3

NVD•added 2004/12/31 5:0 a.m.•11 views

CVE-2004-1736

Cacti 0.8.5a allows remote attackers to gain sensitive information via an HTTP request to 1 auth.php, 2 authlogin.php, 3 authchangepassword.php, and possibly other php files, which reveal the installation path in a PHP error message...

5CVSS6.7AI score0.00477EPSS

Exploits1References4

NVD•added 2004/12/31 5:0 a.m.•11 views

CVE-2004-1579

index.php in CubeCart 2.0.1 allows remote attackers to gain sensitive information via an HTTP request with an invalid catid parameter, which reveals the full path in a PHP error message...

5CVSS6.6AI score0.00346EPSS

Exploits0References2

NVD•added 2004/12/31 5:0 a.m.•8 views

CVE-2004-2019

The WebLinks module in Php-Nuke 6.x through 7.3 allows remote attackers to obtain sensitive information via an invalid show parameter, which displays the full path in a PHP error message...

5CVSS6.2AI score0.00027EPSS

Exploits1References5

NVD•added 2004/12/31 5:0 a.m.•11 views

CVE-2004-1581

BlackBoard 1.5.1 allows remote attackers to gain sensitive information via a direct request to 1 checkdb.inc.php, 2 admin.inc.php or 3 cp.inc.php, which reveals the path in a PHP error message...

5CVSS6.6AI score0.00346EPSS

Exploits0References2

OSV•added 2004/12/31 5:0 a.m.•4 views

CVE-2004-1736

6.9AI score

Exploits0References4

NVD•added 2004/05/08 4:0 a.m.•8 views

CVE-2004-2009

NukeJokes 1.7 and 2 Beta allows remote attackers to obtain the full path of the server via 1 a direct call to mainfunctions.php, 2 an invalid jokeid parameter in a JokeView function or 3 an invalid cat parameter in a CatView function, which reveals the path in a PHP error message...

5CVSS6.7AI score0.00391EPSS

Exploits0References3

NVD•added 2004/05/02 4:0 a.m.•8 views

CVE-2004-1984

Coppermine Photo Gallery 1.2.2b and 1.2.0 RC4 allows remote attackers to obtain sensitive information via a direct HTTP request to 1 phpinfo.php, 2 addpic.php, 3 config.php, 4 dbinput.php, 5 displayecard.php, 6 ecard.php, 7 crop.inc.php, which reveal the full path in a PHP error message...

5CVSS6.2AI score0.0055EPSS

Exploits1References12

securityvulns•added 2004/04/24 12:0 a.m.•82 views

[waraxe-2004-SA#024 - XSS and full path disclosure in Network Query Tool 1.6]

================================================================================ waraxe-2004-SA024 ================================================================================ XSS and full path disclosure in Network Query Tool 1.6...

5.9AI score

Exploits0

NVD•added 2004/04/21 4:0 a.m.•9 views

CVE-2004-1956

PostNuke 0.7.2.6 allows remote attackers to gain information via a direct HTTP request to files in the 1 includes/blocks directory, 2 pnadodb directory, 3 NS-NewUser module, 4 NS-YourAccount, 5 NS-LostPassword module, or 6 NS-User module which reveals the path to the web server in a PHP error...

5CVSS6.7AI score0.00457EPSS

Exploits1References4

NVD•added 2003/12/31 5:0 a.m.•11 views

CVE-2003-1089

index.php for Zorum 3.4 allows remote attackers to determine the full path of the web root via invalid parameter names, which reveals the path in a PHP error message...

5CVSS6.8AI score0.05247EPSS

Exploits1References4

NVD•added 2001/12/01 5:0 a.m.•9 views

CVE-2001-1437

easyScripts easyNews 1.5 allows remote attackers to obtain the full path of the web root via a view request with a non-integer news message id field, which leaks the path in a PHP error message when the script times out...

7.5CVSS6.6AI score0.0126EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by