| Max CVSS | 5.0 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2011-3696 | 5.0 |
60cycleCMS 2.5.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by post.php and certain other files.
|
25-08-2021 - 20:30 | 23-09-2011 - 23:55 | |
| CVE-2011-3793 | 5.0 |
Pixie 1.04 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/modules/static.php and certain other files.
|
29-03-2021 - 12:16 | 24-09-2011 - 00:55 | |
| CVE-2011-3791 | 5.0 |
Piwik 1.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/Widgetize/Widgetize.php and certain other files.
|
21-11-2019 - 13:30 | 24-09-2011 - 00:55 | |
| CVE-2011-3769 | 5.0 |
PHPads 2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by ads.inc.php.
|
29-08-2017 - 01:30 | 24-09-2011 - 00:55 | |
| CVE-2011-3770 | 5.0 |
phpAlbum 0.4.1.14 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/Flowing_Dark/parameters.tpl.php and certain other files.
|
29-08-2017 - 01:30 | 24-09-2011 - 00:55 | |
| CVE-2011-3777 | 5.0 |
phpFreeChat 1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/zilveer/style.css.php and certain other files.
|
29-08-2017 - 01:30 | 24-09-2011 - 00:55 | |
| CVE-2011-3760 | 5.0 |
Nucleus 3.61 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xmlrpc/api_nucleus.inc.php and certain other files.
|
29-08-2017 - 01:30 | 24-09-2011 - 00:55 | |
| CVE-2011-3778 | 5.0 |
PhpGedView 4.2.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by serviceClientTest.php and certain other files.
|
29-08-2017 - 01:30 | 24-09-2011 - 00:55 | |
| CVE-2011-3767 | 5.0 |
osCommerce 3.0a5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by redirect.php.
|
29-08-2017 - 01:30 | 24-09-2011 - 00:55 | |
| CVE-2011-3774 | 5.0 |
php Easy Survey Package (phpESP) 2.1.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/landing.php and certain other files
|
29-08-2017 - 01:30 | 24-09-2011 - 00:55 | |
| CVE-2011-3713 | 5.0 |
cFTP r80 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/session_check.php and certain other files.
|
29-08-2017 - 01:30 | 23-09-2011 - 23:55 | |
| CVE-2011-3766 | 5.0 |
OrangeHRM 2.6.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/orange/menu/Menu.php and certain other files.
|
29-08-2017 - 01:30 | 24-09-2011 - 00:55 | |
| CVE-2011-3764 | 5.0 |
OpenDocMan 1.2.6-svn-2011-01-21 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by User_Perms_class.php and certain other files.
|
29-08-2017 - 01:30 | 24-09-2011 - 00:55 | |
| CVE-2011-3773 | 5.0 |
PHPDevShell 3.0.0-Beta-4b allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by gzip.php.
|
29-08-2017 - 01:30 | 24-09-2011 - 00:55 | |
| CVE-2011-3765 | 5.0 |
Open-Realty 2.5.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by install/versions/upgrade_115.inc.php and certain other files.
|
29-08-2017 - 01:30 | 24-09-2011 - 00:55 | |
| CVE-2011-3762 | 5.0 |
OpenBlog 1.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files.
|
29-08-2017 - 01:30 | 24-09-2011 - 00:55 | |
| CVE-2011-3763 | 5.0 |
OpenCart 1.4.9.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/startup.php and certain other files.
|
29-08-2017 - 01:30 | 24-09-2011 - 00:55 | |
| CVE-2011-3775 | 5.0 |
PHPfileNavigator 2.3.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xestion/varios/logs.inc.php and certain other files.
|
29-08-2017 - 01:30 | 24-09-2011 - 00:55 | |
| CVE-2011-3771 | 5.0 |
phpBook 2.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by doc/update_smilies_1.50-1.60.php and certain other files.
|
29-08-2017 - 01:30 | 24-09-2011 - 00:55 | |
| CVE-2011-3768 | 5.0 |
Phorum 5.2.15a allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by css.php and certain other files.
|
29-08-2017 - 01:30 | 24-09-2011 - 00:55 | |
| CVE-2011-3776 | 5.0 |
phpFormGenerator 2.09 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by forms/process.php.
|
29-08-2017 - 01:30 | 24-09-2011 - 00:55 | |
| CVE-2011-3761 | 5.0 |
NuSOAP 0.9.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by nuSOAP/classes/class.wsdl.php and certain other files.
|
29-08-2017 - 01:30 | 24-09-2011 - 00:55 | |
| CVE-2011-2891 | 5.0 |
Joomla! 1.6.x before 1.6.2 allows remote attackers to obtain sensitive information via an empty Itemid array parameter to index.php, which reveals the installation path in an error message, a different vulnerability than CVE-2011-2488.
|
29-08-2017 - 01:29 | 27-07-2011 - 20:55 | |
| CVE-2011-3727 | 5.0 |
DokuWiki 2009-12-25c allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by lib/tpl/index.php and certain other files.
|
13-12-2013 - 04:52 | 23-09-2011 - 23:55 | |
| CVE-2011-3755 | 5.0 |
MantisBT 1.2.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by view_all_inc.php and certain other files.
|
27-08-2013 - 03:17 | 23-09-2011 - 23:55 | |
| CVE-2011-3798 | 5.0 |
Rapid Leech 2.3-v42-svn322 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by classes/pear.php and certain other files.
|
24-10-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3814 | 5.0 |
WebCalendar 1.2.3, and other versions before 1.2.5, allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by ws/user_mod.php and certain o
|
13-10-2012 - 03:16 | 24-09-2011 - 00:55 | |
| CVE-2011-3772 | 5.0 |
phpCollab 2.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by topics/noti_newtopic.php and certain other files.
|
31-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3779 | 5.0 |
PhpHostBot 2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/create_acct.php and certain other files.
|
31-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3813 | 5.0 |
Virtual War (aka VWar) 1.5.0r15 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/language/dutch.inc.php and certain other
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3800 | 5.0 |
Serendipity 1.5.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/newspaper/layout.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3785 | 5.0 |
PHP Point Of Sale (POS) 10.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3811 | 5.0 |
TomatoCart 1.1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/system/offline.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3818 | 5.0 |
WordPress 2.9.2 and 3.0.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by wp-admin/includes/user.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3795 | 5.0 |
Podcast Generator 1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by core/themes.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3821 | 5.0 |
xajax 0.6 beta1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xajax_core/plugin_layer/xajaxScriptPlugin.inc.php and certain oth
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3806 | 5.0 |
TCExam 11.1.015 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/code/tce_page_footer.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3804 | 5.0 |
SweetRice 0.7.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by _plugin/tiny_mce/plugins/advimage/images.php.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3788 | 5.0 |
PhpSecInfo 0.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Test/Test_Suhosin.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3825 | 5.0 |
Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Validate.php and certain other file
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3807 | 5.0 |
Textpattern 4.2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by lib/txplib_db.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3799 | 5.0 |
ReOS 2.0.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by padmin/blocks/vergal.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3782 | 5.0 |
phpLD 2-151.2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by libs/smarty/Smarty_Compiler.class.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3824 | 5.0 |
Your Own URL Shortener (YOURLS) 1.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/auth.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3819 | 5.0 |
WoW Server Status 4.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by status.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3802 | 5.0 |
StatusNet 0.9.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tpl/index.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3787 | 5.0 |
phpScheduleIt 1.2.12 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/schedule.template.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3820 | 5.0 |
WSN Software 6.0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/prestart.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3803 | 5.0 |
SugarCRM 6.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/Sugar5/layout_utils.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3784 | 5.0 |
Francisco Burzi PHP-Nuke 8.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/Odyssey/theme.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3817 | 5.0 |
Website Baker 2.8.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/media/parameters.php and certain other files. NOTE: th
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3801 | 5.0 |
SimpleTest 1.0.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by test/visual_test.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3797 | 5.0 |
ProjectPier 0.8.0.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/upgrade/templates/layout.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3781 | 5.0 |
PHPIDS 0.6.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tests/IDS/VersionTest.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3809 | 5.0 |
TheHostingTool (THT) 1.2.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/pear/Mail/smtp.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3780 | 5.0 |
PHP iCalendar 2.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by rss/rss_common.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3822 | 5.0 |
XOOPS 2.5.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/system/xoops_version.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3805 | 5.0 |
TaskFreak! multi-mysql-0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by include/language/zh/register_info.php and certain othe
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3789 | 5.0 |
phpwcms 1.4.7 r412 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by template/inc_script/frontend_render/disabled/majonavi.php and
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3808 | 5.0 |
The Bug Genie 2.1.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/svn_integration/config.inc.php and certain other file
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3783 | 5.0 |
phpMyFAQ 2.6.13 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by lang/language_uk.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3812 | 5.0 |
Vanilla 2.0.16 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/Minify/min/utils.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3794 | 5.0 |
Pligg CMS 1.1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by widgets/statistics/init.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3816 | 5.0 |
WEBinsta mailing list manager 1.3e allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by install/install3.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3796 | 5.0 |
PrestaShop 1.4.0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by product-sort.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3826 | 5.0 |
Zikula 1.2.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/voodoodolly/version.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3810 | 5.0 |
TinyWebGallery (TWG) 1.8.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by i_frames/i_register.php.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3792 | 5.0 |
Pixelpost 1.7.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/functions_feeds.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3823 | 5.0 |
Yamamah 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/default/index.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3790 | 5.0 |
Piwigo 2.1.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tools/metadata.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3786 | 5.0 |
PHProjekt 6.0.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Setup/Controllers/IndexController.php.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3815 | 5.0 |
WeBid 1.0.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by js/calendar.php and certain other files.
|
21-05-2012 - 04:00 | 24-09-2011 - 00:55 | |
| CVE-2011-3726 | 5.0 |
DoceboLMS 4.0.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by views/dummy/show.php and certain other files.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3710 | 5.0 |
bbPress 1.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by bb-templates/kakumei/view.php and certain other files.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3729 | 5.0 |
dotproject 2.1.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by style/dp-grey-theme/footer.php and certain other files.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3711 | 5.0 |
BIGACE 2.7.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/libs/javascript.inc.php and certain other files.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3699 | 5.0 |
John Lim ADOdb Library for PHP 5.11 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tests/test-active-record.php and certain othe
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3709 | 5.0 |
b2evolution 3.3.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by locales/ru_RU/ru-RU.locale.php and certain other files.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3700 | 5.0 |
Advanced Electron Forum (AEF) 1.0.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by languages/english/deletetopic_lang.php.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3706 | 5.0 |
ATutor 2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by users/tool_settings.inc.php and certain other files.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3697 | 5.0 |
Achievo 1.4.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/graph/jpgraph/jpgraph_radar.php and certain other files.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3712 | 5.0 |
CakePHP 1.3.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by dispatcher.php and certain other files.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3723 | 5.0 |
Crafty Syntax 3.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by README_FILES/livehelp.php and certain other files.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3695 | 5.0 |
111WebCalendar 1.2.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by footer.php and certain other files.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3722 | 5.0 |
Coppermine Photo Gallery (CPG) 1.5.12 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by include/inspekt.php and certain other files
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3702 | 5.0 |
Ananta Gazelle 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/template.php and certain other files.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3725 | 5.0 |
DeluxeBB 1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by header_html.php.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3715 | 5.0 |
ClanTiger 1.1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by widgets/statistics/statistics.php and certain other files.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3724 | 5.0 |
CubeCart 4.4.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/shipping/USPS/calc.php and certain other files.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3708 | 5.0 |
Automne 4.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/page-redirect-info.php.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3701 | 5.0 |
AlegroCart 1.2.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by common.php and certain other files.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3719 | 5.0 |
CodeIgniter 1.7.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3732 | 5.0 |
eggBlog 4.1.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by _lib/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-s
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3717 | 5.0 |
ClipBucket 2.0.9 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/signup_captcha/signup_captcha.php and certain other file
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3704 | 5.0 |
appRain 0.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by cron.php.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3721 | 5.0 |
concrete 5.4.0.5, 5.4.1, and 5.4.1.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tools/spellchecker_service.php and certain o
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3728 | 5.0 |
Dolphin 7.0.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xmlrpc/BxDolXMLRPCProfileView.php and certain other files.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3714 | 5.0 |
ClanSphere 2010.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by mods/board/attachment.php.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3703 | 5.0 |
AneCMS 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by widgets/menu/index.php and certain other files.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3730 | 5.0 |
Drupal 7.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/simpletest/tests/upgrade/drupal-6.upload.database.php and cert
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3718 | 5.0 |
CMS Made Simple (CMSMS) 1.9.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/TinyMCE/TinyMCE.module.php and certain othe
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3707 | 5.0 |
JanRain PHP OpenID library (aka php-openid) 2.2.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Auth/Yadis/Yadis.php and certai
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3698 | 5.0 |
AdaptCMS 2.0.2 Beta allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by inc/poll_vote.php and certain other files.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3731 | 5.0 |
e107 0.7.24 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by e107_plugins/pdf/e107pdf.php and certain other files.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3716 | 5.0 |
Claroline 1.9.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by work/connector/linker.cnr.php and certain other files.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3705 | 5.0 |
Arctic Fox CMS 0.9.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by acp/includes/edit.inc.php and certain other files.
|
13-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3756 | 5.0 |
MicroBlog 0.9.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by init.php and certain other files.
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3742 | 5.0 |
HelpCenter Live 2.1.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/HelpCenter/index.php and certain other files.
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3751 | 5.0 |
LifeType 1.2.10 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/badbehavior/pluginbadbehavior.class.php.
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3744 | 5.0 |
HTML Purifier 4.2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tests/PHPT/Reporter/SimpleTest.php and certain other files.
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3749 | 5.0 |
ka-Map 1.0-20070205 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by test.php and certain other files.
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3734 | 5.0 |
Energine 2.3.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by core/framework/SimpleBuilder.class.php and certain other files.
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3753 | 5.0 |
LinPHA 1.3.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by viewer.php and certain other files.
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3738 | 5.0 |
Feng Office 1.7.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/upgrade/templates/layout.php and certain other files.
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3754 | 5.0 |
Mambo 4.6.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/sef.php and certain other files.
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3740 | 5.0 |
FrontAccounting 2.3.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by reporting/includes/fpdi/fpdi2tcpdf_bridge.php and certain o
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3750 | 5.0 |
kPlaylist 1.8.502 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by getid3/getid3/write.id3v1.php and certain other files.
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3741 | 5.0 |
Ganglia 3.1.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by host_view.php and certain other files.
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3757 | 5.0 |
Moodle 2.0.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by webservice/xmlrpc/locallib.php and certain other files.
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3737 | 5.0 |
eyeOS 2.2.0.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by apps/rmail/webmail/program/lib/Net/SMTP.php and certain other files
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3739 | 5.0 |
Freeway 1.5 Alpha allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/Freeway/boxes/last_product.php and certain other file
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3748 | 5.0 |
Kamads Classifieds 2_B3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by V2A_XHTML/style/view.php and certain other files.
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3733 | 5.0 |
Elgg 1.7.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by vendors/simpletest/test/visual_test.php and certain other files.
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3747 | 5.0 |
Joomla! 1.6.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by libraries/phpmailer/language/phpmailer.lang-joomla.php.
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3735 | 5.0 |
Escort Agency CMS (aka escort-agency-cms) allows remote attackers to obtain sensitive information via crafted array parameters in a request to a .php file, which reveals the installation path in an error message, as demonstrated by makethumb.php and
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3759 | 5.0 |
MyBB (aka MyBulletinBoard) 1.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by inc/3rdparty/diff/Diff/ThreeWay.php and certain ot
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3743 | 5.0 |
Hesk 2.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by inc/footer.inc.php and certain other files.
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3758 | 5.0 |
::mound:: 2.1.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by lib/smarty/libs/sysplugins/smarty_internal_template.php and certa
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3745 | 5.0 |
HycusCMS 1.0.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/hycus_template/template.php.
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3752 | 5.0 |
LimeSurvey 1.90+ build9642-20101214 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/statistics.php and certain other files.
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3736 | 5.0 |
ExoPHPDesk 1.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by upgrades/upgrade9.php and certain other files.
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3746 | 5.0 |
Jcow 4.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/default/page.tpl.php and certain other files.
|
12-03-2012 - 04:00 | 23-09-2011 - 23:55 | |
| CVE-2011-3720 | 5.0 |
conceptcms 5.3.1, 5.3.3, and possibly other versions allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by sys_libs/umlib/um_authserver
|
21-10-2011 - 02:56 | 23-09-2011 - 23:55 |