Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

CVE
CVEadded 2007/10/24 11:0 p.m.41 views

CVE-2003-1486

CVE-2003-1486 affects Phorum 3.4 to 3.4.2. An incorrect HTTP request to one of nine scripts (smileys.php, quick_listrss.php, purge.php, news.php, memberlist.php, forum_listrss.php, forum_list_rdf.php, forum_list.php, move.php) can make the server leak its full path in an error message. This is a ...

5CVSS6.8AI score0.01186EPSS
Exploits0References4Affected Software1
CVE
CVEadded 2006/11/10 2:0 a.m.39 views

CVE-2006-5844

Speedywiki 2.0 is affected. The vulnerability allows remote attackers to disclose the web server’s full path by abusing the showRevisions[] and searchText[] parameters in index.php, and also via a direct request to upload.php with no parameters. This aligns with NVD data and PT Security’s advisor...

5CVSS7AI score0.01434EPSS
Exploits1References5Affected Software1
CVE
CVEadded 2006/11/06 10:0 p.m.46 views

CVE-2006-5759

The connected PT-2006-6440 entry confirms a path-disclosure vulnerability in Rhadrix If-CMS, affecting versions 1.01–2.07. The issue arises when empty arguments rns[] or pag[] are provided, causing an error message that reveals the web server’s full filesystem path. This can aid an attacker in lo...

5CVSS7.1AI score0.01403EPSS
Exploits1References4Affected Software1
Cvelist
Cvelistadded 2005/11/16 7:37 a.m.13 views

CVE-2003-1242

Sage 1.0 b3 allows remote attackers to obtain the root web server path via a URL request for a non-existent module, which returns the path in an error message...

6.6AI score0.06793EPSS
Exploits1References3
securityvulns
securityvulnsadded 2005/06/17 12:0 a.m.25 views

e107 v0.617 several new and old vulnerabilities

Hello, The e107 is an open-source, PHP and SQL based portal and content management system1. I found some new vulnerabilities in the current release v0.617. Also some "older" flaws2 has been re-discovered in different ways. This email has been sent some months ago to the e107 developers. They fixe...

7.4AI score
Exploits0
Cvelist
Cvelistadded 2004/07/13 4:0 a.m.18 views

CVE-2004-0665

csFAQ.cgi in csFAQ allows remote attackers to gain sensitive information via an invalid database parameter, which reveals the path to the web server in an error message...

6.5AI score0.0294EPSS
Exploits1References4
Tenable Nessus
Tenable Nessusadded 2004/02/24 12:0 a.m.37 views

TalentSoft Web+ webplus.exe Path Disclosure

The remote host appears to be running Web+ Application Server. The version of Web+ installed on the remote host reveals the physical path of the application when it receives a script file error. %NASLMINLEVEL 70300 This script was written by David Kyger See the Nessus Scripts License for details...

5.5AI score
Exploits0References1
CVE
CVEadded 2004/01/15 5:0 a.m.44 views

CVE-2004-0066

phpGedView is affected by CVE-2004-0066 up to version 2.64. The vulnerability allows remote attackers to disclose the web server’s absolute path via malformed parameters to multiple PHP pages (indilist.php, famlist.php, placelist.php, imageview.php, timeline.php, clippings.php, login.php, gdbi.ph...

5CVSS7.1AI score0.01409EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder