6 matches found
CVE-2011-3793
Pixie 1.04 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/modules/static.php and certain other files...
CVE-2011-3793
Pixie 1.04 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/modules/static.php and certain other files...
Information disclosure
Pixie 1.04 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/modules/static.php and certain other files...
CVE-2011-3793
Pixie 1.04 is affected by an information-disclosure vulnerability where remote attackers can obtain sensitive data by requesting a PHP file directly, causing an error message that reveals the installation path (e.g., admin/modules/static.php). ThisSummary is supported by multiple sources (NVD, Re...
CVE-2011-3793
Pixie 1.04 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/modules/static.php and certain other files...
Pixie 1.04 Cross Site Request Forgery
Pixie 1.04 suffers from CSRF where form data can be submitted by the admin unwittingly in this example to add a blog post or Add a new user. It was not tempted but it is possible to include a cookie stealer in the blog post which a naive admin my view if it has a curious/innocent sounding name...