CVE-2011-3801

SimpleTest 1.0.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by test/visualtest.php and certain other files...

CVE-2011-3823

Yamamah 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/default/index.php and certain other files...

CVE-2011-3765

Open-Realty 2.5.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by install/versions/upgrade115.inc.php and certain other files...

CVE-2011-3815

WeBid 1.0.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by js/calendar.php and certain other files...

CVE-2011-3819

WoW Server Status 4.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by status.php and certain other files...

CVE-2011-3819

The CVE-2011-3819 entry concerns WoW Server Status 4.1, where remote attackers can disclose sensitive information through a direct request to a PHP file, exposing the installation path in error messages (as demonstrated by status.php and related files). The documents do not provide root-cause det...

CVE-2011-3793

Pixie 1.04 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/modules/static.php and certain other files...

CVE-2011-3787

phpScheduleIt 1.2.12 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/schedule.template.php and certain other files...

CVE-2011-3823

CVE-2011-3823 affects Yamamah 1.0. A vulnerable behavior allows remote attackers to obtain sensitive information by requesting a .php file directly, causing an error message that reveals the installation path (e.g., themes/default/index.php and similar files). The underlying root cause is an info...

CVE-2011-3821

CVE-2011-3821 affects xajax 0.6 beta1. A direct request to a vulnerable PHP file (e.g., xajax_core/plugin_layer/xajaxScriptPlugin.inc.php and related files) may disclose the installation path via an error message. The provided documents confirm the information-disclosure impact but do not describ...

CVE-2011-3824

The CVE-2011-3824 issue affects Your Own URL Shortener (YOURLS) 1.5, where a direct request to a PHP file can disclose installation path information via an error message (e.g., includes/auth.php and similar files). Root cause: error disclosure leaking path details through PHP error handling. Impa...

CVE-2011-3822

CVE-2011-3822 affects XOOPS 2.5.0. The vulnerability is an information disclosure where a direct request to a .php file (e.g., modules/system/xoops_version.php) can reveal the installation path in an error message. The issue is documented across multiple sources (NVD, Red Hat, OpenVAS, etc.) with...

CVE-2011-3815

WeBid 1.0.0 is affected by an information-disclosure vulnerability: an unauthorized remote user can trigger an error page from certain PHP files (e.g., js/calendar.php) that reveals the installation path. Affects components handling direct PHP requests; underlying cause is improper error handling...

CVE-2011-3781

CVE-2011-3781 affects PHPIDS 0.6.5, where remote attackers can disclose sensitive information by requesting a PHP file directly, causing an error message that reveals the installation path. The vulnerability is categorized as Information Disclosure (CVSS v2 base score 5.0, Medium). Multiple sourc...

CVE-2011-3780

The CVE-2011-3780 entry concerns PHP iCalendar 2.4. It describes an information-disclosure vulnerability where remote attackers can obtain sensitive data by requesting a PHP file directly, causing an error message that reveals the installation path (examples reference rss/rss_common.php and simil...

CVE-2011-3777

CVE-2011-3777 affects phpFreeChat 1.3. The vulnerability allows remote attackers to disclose sensitive information by directly requesting a .php file, causing an error message that reveals the installation path (e.g., themes/zilveer/style.css.php and related files). The reports do not provide exp...

CVE-2011-3807

Textpattern 4.2.0 is affected by an information-disclosure vulnerability where remote attackers can cause an error message to reveal the installation path via a direct request to certain PHP files (e.g., lib/txplib_db.php). The underlying issue is disclosure of server paths through error messages...

CVE-2011-3806

TCExam 11.1.015 is affected by an information-disclosure vulnerability: a remote attacker can trigger an error in a direct request to a PHP file (e.g., public/code/tce_page_footer.php) and obtain the installation path. This is documented across multiple sources (NVD/Red Hat/CVEs) and is described...

CVE-2011-3803

CVE-2011-3803 affects SugarCRM 6.1.0. Remote attackers can read sensitive information by directly requesting certain PHP files (e.g., themes/Sugar5/layout_utils.php), triggering error messages that reveal the installation path. Root cause is information disclosure via error output when accessing ...

CVE-2011-3801

CVE-2011-3801 affects SimpleTest 1.0.1 and allows remote attackers to disclose the installation path by requesting certain PHP files (e.g., test/visual_test.php), causing an error message. Impact is partial confidentiality, with no provided evidence of exploitation details in the connected docume...