CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Prion•added 2011/09/23 11:55 p.m.•12 views

Information disclosure

Dolphin 7.0.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xmlrpc/BxDolXMLRPCProfileView.php and certain other files...

5CVSS6.6AI score0.01229EPSS

Exploits0References3Affected Software1

Prion•added 2011/09/23 11:55 p.m.•11 views

Information disclosure

LinPHA 1.3.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by viewer.php and certain other files...

5CVSS6.7AI score0.01335EPSS

Prion•added 2011/09/23 11:55 p.m.•13 views

Information disclosure

Advanced Electron Forum AEF 1.0.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by languages/english/deletetopiclang.php...

5CVSS6.6AI score0.01335EPSS

Prion•added 2011/09/23 11:55 p.m.•12 views

Information disclosure

Elgg 1.7.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by vendors/simpletest/test/visualtest.php and certain other files...

5CVSS6.7AI score0.01335EPSS

Prion•added 2011/09/23 11:55 p.m.•11 views

Information disclosure

Energine 2.3.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by core/framework/SimpleBuilder.class.php and certain other files...

5CVSS6.7AI score0.01335EPSS

OSV•added 2011/09/23 11:55 p.m.•1 views

UBUNTU-CVE-2011-3744

5CVSS5.8AI score0.01372EPSS

Exploits1References2

Cvelist•added 2011/09/23 11:0 p.m.•30 views

CVE-2011-3696

60cycleCMS 2.5.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by post.php and certain other files...

6.1AI score0.0229EPSS

Cvelist•added 2011/09/23 11:0 p.m.•18 views

CVE-2011-3698

AdaptCMS 2.0.2 Beta allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by inc/pollvote.php and certain other files...

Cvelist•added 2011/09/23 11:0 p.m.•17 views

CVE-2011-3702

Ananta Gazelle 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/template.php and certain other files...

6.2AI score0.01335EPSS

Cvelist•added 2011/09/23 11:0 p.m.•15 views

CVE-2011-3706

ATutor 2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by users/toolsettings.inc.php and certain other files...

Cvelist•added 2011/09/23 11:0 p.m.•22 views

CVE-2011-3720

conceptcms 5.3.1, 5.3.3, and possibly other versions allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by syslibs/umlib/umauthserver.inc.php and certain other files...

6.2AI score0.0135EPSS

Exploits1References4

Cvelist•added 2011/09/23 11:0 p.m.•16 views

CVE-2011-3724

CubeCart 4.4.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/shipping/USPS/calc.php and certain other files...

Cvelist•added 2011/09/23 11:0 p.m.•21 views

CVE-2011-3728

6.1AI score0.01229EPSS

Exploits0References3

Cvelist•added 2011/09/23 11:0 p.m.•16 views

CVE-2011-3734

Cvelist•added 2011/09/23 11:0 p.m.•21 views

CVE-2011-3735

Escort Agency CMS aka escort-agency-cms allows remote attackers to obtain sensitive information via crafted array parameters in a request to a .php file, which reveals the installation path in an error message, as demonstrated by makethumb.php and certain other files...

6.2AI score0.01335EPSS

Cvelist•added 2011/09/23 11:0 p.m.•23 views

CVE-2011-3743

Hesk 2.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by inc/footer.inc.php and certain other files...

Cvelist•added 2011/09/23 11:0 p.m.•28 views

CVE-2011-3744

6AI score0.01372EPSS

Cvelist•added 2011/09/23 11:0 p.m.•18 views

CVE-2011-3751

LifeType 1.2.10 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/badbehavior/pluginbadbehavior.class.php...

Cvelist•added 2011/09/23 11:0 p.m.•16 views

CVE-2011-3697

Achievo 1.4.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/graph/jpgraph/jpgraphradar.php and certain other files...