Lucene search
K

54 matches found

OSV
OSV
added 2016/03/31 4:59 p.m.19 views

CVE-2016-3142

The pharparsezipfile function in zip.c in the PHAR extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to obtain sensitive information from process memory or cause a denial of service out-of-bounds read and application crash by placing a PK\x05\x06 signature at an inval...

8.2CVSS7.5AI score
Exploits0References13
Vulnrichment
Vulnrichment
added 2013/10/09 2:44 p.m.8 views

CVE-2013-3896

Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate pointers during access to Silverlight elements, which allows remote attackers to obtain sensitive information via a crafted Silverlight application, aka "Silverlight Vulnerability."...

5.3AI score0.6961EPSS
Exploits5References4
Cvelist
Cvelist
added 2013/10/01 12:0 a.m.23 views

CVE-2013-3041

The Web Client in IBM Rational ClearQuest 7.1 before 7.1.2.12, 8.0 before 8.0.0.8, and 8.0.1 before 8.0.1.1 allows remote attackers to obtain sensitive information from the client-server data stream via unspecified vectors associated with a "JSON hijacking attack."...

5.9AI score0.01066EPSS
Exploits0References2
OSV
OSV
added 2011/11/17 7:55 p.m.8 views

CVE-2011-3646

phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to obtain sensitive information via an array-typed jsframe parameter to phpmyadmin.css.php, which reveals the installation path in an error message...

6.2AI score
Exploits0References7
NVD
NVD
added 2011/09/24 12:55 a.m.15 views

CVE-2011-3821

xajax 0.6 beta1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xajaxcore/pluginlayer/xajaxScriptPlugin.inc.php and certain other files...

5CVSS6.1AI score0.01263EPSS
Exploits0References3
Cvelist
Cvelist
added 2011/09/23 11:0 p.m.22 views

CVE-2011-3715

ClanTiger 1.1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by widgets/statistics/statistics.php and certain other files...

6.1AI score0.01335EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2009/04/22 12:0 a.m.26 views

CVE-2009-1311

Mozilla Firefox before 3.0.9 and SeaMonkey before 1.1.17 allow user-assisted remote attackers to obtain sensitive information via a web page with an embedded frame, which causes POST data from an outer page to be sent to the inner frame's URL during a SAVEMODEFILEONLY save of the inner frame...

4.3CVSS7.3AI score0.02313EPSS
Exploits1References2
Cvelist
Cvelist
added 2008/07/25 1:18 p.m.22 views

CVE-2008-3304

BilboBlog 0.2.1 allows remote attackers to obtain sensitive information via 1 an enablecache=false query string to footer.php or 2 a direct request to pagination.php, which reveals the installation path in an error message...

6.2AI score0.06091EPSS
Exploits0References2
Cvelist
Cvelist
added 2007/07/30 5:0 p.m.21 views

CVE-2007-4089

Vikingboard 0.1.2 allows remote attackers to obtain sensitive information via the debug parameter to 1 forum.php, 2 cp.php, and possibly other unspecified components...

6.4AI score0.02404EPSS
Exploits1References8
OSV
OSV
added 2007/02/13 8:28 p.m.6 views

CVE-2007-0902

Unspecified vulnerability in the "Show debugging information" feature in MoinMoin 1.5.7 allows remote attackers to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

6AI score
Exploits0References5
Cvelist
Cvelist
added 2005/02/20 5:0 a.m.18 views

CVE-2004-1577

index.php in PHP Links allows remote attackers to gain sensitive information via an invalid show parameter, which reveals the full path in an error message...

6.6AI score0.01181EPSS
Exploits0References2
Cvelist
Cvelist
added 2005/02/20 5:0 a.m.19 views

CVE-2004-1677

pdesk.cgi in PerlDesk allows remote attackers to gain sensitive information via an invalid lang parameter, which includes pathname information in an error message...

6.5AI score0.01548EPSS
Exploits1References3
NVD
NVD
added 2004/07/27 4:0 a.m.18 views

CVE-2004-0736

The search module in Php-Nuke allows remote attackers to gain sensitive information via the 1 "" or 2 "+" search patterns, which reveals the path in an error message...

5CVSS6.5AI score0.01181EPSS
Exploits0References2
NVD
NVD
added 2003/12/31 5:0 a.m.9 views

CVE-2003-1168

HTTP Commander 4.0 allows remote attackers to obtain sensitive information via an HTTP request that contains a . dot in the file parameter, which reveals the installation path in an error message...

5CVSS6.2AI score0.01877EPSS
Exploits1References2
Rows per page
Query Builder