Total
7102 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-3823 | 1 Yamamah | 1 Yamamah | 2012-05-21 | 5.0 MEDIUM | N/A |
| Yamamah 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/default/index.php and certain other files. | |||||
| CVE-2011-3781 | 1 Phpids | 1 Phpids | 2012-05-21 | 5.0 MEDIUM | N/A |
| PHPIDS 0.6.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tests/IDS/VersionTest.php and certain other files. | |||||
| CVE-2011-3824 | 1 Yourls | 1 Yourls | 2012-05-21 | 5.0 MEDIUM | N/A |
| Your Own URL Shortener (YOURLS) 1.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/auth.php and certain other files. | |||||
| CVE-2011-3694 | 1 Netsaro | 1 Enterprise Messenger Server | 2012-05-21 | 5.0 MEDIUM | N/A |
| The Server Administration Console in NetSaro Enterprise Messenger Server 2.0 allows remote attackers to read application source code by appending a %00 character to a URL. | |||||
| CVE-2011-3800 | 1 S9y | 1 Serendipity | 2012-05-21 | 5.0 MEDIUM | N/A |
| Serendipity 1.5.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/newspaper/layout.php and certain other files. | |||||
| CVE-2011-3807 | 1 Textpattern | 1 Textpattern | 2012-05-21 | 5.0 MEDIUM | N/A |
| Textpattern 4.2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by lib/txplib_db.php and certain other files. | |||||
| CVE-2011-3790 | 1 Piwigo | 1 Piwigo | 2012-05-21 | 5.0 MEDIUM | N/A |
| Piwigo 2.1.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tools/metadata.php and certain other files. | |||||
| CVE-2011-3799 | 1 Elazos | 1 Reos | 2012-05-21 | 5.0 MEDIUM | N/A |
| ReOS 2.0.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by padmin/blocks/vergal.php and certain other files. | |||||
| CVE-2011-3813 | 1 Vwar | 1 Virtual War | 2012-05-21 | 5.0 MEDIUM | N/A |
| Virtual War (aka VWar) 1.5.0r15 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/language/dutch.inc.php and certain other files. | |||||
| CVE-2011-3797 | 1 Projectpier | 1 Projectpier | 2012-05-21 | 5.0 MEDIUM | N/A |
| ProjectPier 0.8.0.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/upgrade/templates/layout.php and certain other files. | |||||
| CVE-2011-3808 | 1 Thebuggenie | 1 The Bug Genie | 2012-05-21 | 5.0 MEDIUM | N/A |
| The Bug Genie 2.1.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/svn_integration/config.inc.php and certain other files. | |||||
| CVE-2011-3796 | 1 Prestashop | 1 Prestashop | 2012-05-21 | 5.0 MEDIUM | N/A |
| PrestaShop 1.4.0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by product-sort.php and certain other files. | |||||
| CVE-2011-3784 | 1 Phpnuke | 1 Php-nuke | 2012-05-21 | 5.0 MEDIUM | N/A |
| Francisco Burzi PHP-Nuke 8.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/Odyssey/theme.php and certain other files. | |||||
| CVE-2011-3789 | 1 Phpwcms | 1 Phpwcms | 2012-05-21 | 5.0 MEDIUM | N/A |
| phpwcms 1.4.7 r412 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by template/inc_script/frontend_render/disabled/majonavi.php and certain other files. | |||||
| CVE-2011-3805 | 1 Taskfreak | 1 Taskfreak\! Multi-mysql | 2012-05-21 | 5.0 MEDIUM | N/A |
| TaskFreak! multi-mysql-0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by include/language/zh/register_info.php and certain other files. | |||||
| CVE-2011-3825 | 1 Zend | 2 Framework, Server | 2012-05-21 | 5.0 MEDIUM | N/A |
| Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Validate.php and certain other files. | |||||
| CVE-2011-3815 | 1 Webidsupport | 1 Webid | 2012-05-21 | 5.0 MEDIUM | N/A |
| WeBid 1.0.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by js/calendar.php and certain other files. | |||||
| CVE-2011-3788 | 1 Phpsec | 1 Phpsecinfo | 2012-05-21 | 5.0 MEDIUM | N/A |
| PhpSecInfo 0.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Test/Test_Suhosin.php and certain other files. | |||||
| CVE-2011-3804 | 1 Basic-cms | 1 Sweetrice | 2012-05-21 | 5.0 MEDIUM | N/A |
| SweetRice 0.7.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by _plugin/tiny_mce/plugins/advimage/images.php. | |||||
| CVE-2011-3803 | 1 Sugarcrm | 1 Sugarcrm | 2012-05-21 | 5.0 MEDIUM | N/A |
| SugarCRM 6.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/Sugar5/layout_utils.php and certain other files. | |||||