Total
7102 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-3792 | 1 Pixelpost | 1 Pixelpost | 2012-05-21 | 5.0 MEDIUM | N/A |
| Pixelpost 1.7.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/functions_feeds.php and certain other files. | |||||
| CVE-2011-3802 | 1 Status | 1 Statusnet | 2012-05-21 | 5.0 MEDIUM | N/A |
| StatusNet 0.9.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tpl/index.php and certain other files. | |||||
| CVE-2011-3780 | 1 Phpicalendar | 1 Php Icalendar | 2012-05-21 | 5.0 MEDIUM | N/A |
| PHP iCalendar 2.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by rss/rss_common.php and certain other files. | |||||
| CVE-2011-3811 | 1 Tomatocart | 1 Tomatocart | 2012-05-21 | 5.0 MEDIUM | N/A |
| TomatoCart 1.1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/system/offline.php and certain other files. | |||||
| CVE-2011-3801 | 1 Simpletest | 1 Simpletest | 2012-05-21 | 5.0 MEDIUM | N/A |
| SimpleTest 1.0.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by test/visual_test.php and certain other files. | |||||
| CVE-2011-3818 | 1 Wordpress | 1 Wordpress | 2012-05-21 | 5.0 MEDIUM | N/A |
| WordPress 2.9.2 and 3.0.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by wp-admin/includes/user.php and certain other files. | |||||
| CVE-2011-3795 | 1 Betella | 1 Podcast Generator | 2012-05-21 | 5.0 MEDIUM | N/A |
| Podcast Generator 1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by core/themes.php and certain other files. | |||||
| CVE-2011-3819 | 1 53x11 | 1 Wow Server Status | 2012-05-21 | 5.0 MEDIUM | N/A |
| WoW Server Status 4.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by status.php and certain other files. | |||||
| CVE-2011-3809 | 1 Thehostingtool | 1 Thehostingtool | 2012-05-21 | 5.0 MEDIUM | N/A |
| TheHostingTool (THT) 1.2.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/pear/Mail/smtp.php and certain other files. | |||||
| CVE-2011-3787 | 1 Nick Korbel | 1 Phpscheduleit | 2012-05-21 | 5.0 MEDIUM | N/A |
| phpScheduleIt 1.2.12 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/schedule.template.php and certain other files. | |||||
| CVE-2011-3810 | 1 Tinywebgallery | 1 Tinywebgallery | 2012-05-21 | 5.0 MEDIUM | N/A |
| TinyWebGallery (TWG) 1.8.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by i_frames/i_register.php. | |||||
| CVE-2011-3812 | 1 Vanillaforums | 1 Vanilla | 2012-05-21 | 5.0 MEDIUM | N/A |
| Vanilla 2.0.16 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/Minify/min/utils.php and certain other files. | |||||
| CVE-2011-3786 | 1 Phprojekt | 1 Phprojekt | 2012-05-21 | 5.0 MEDIUM | N/A |
| PHProjekt 6.0.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Setup/Controllers/IndexController.php. | |||||
| CVE-2011-3822 | 1 Xoops | 1 Xoops | 2012-05-21 | 5.0 MEDIUM | N/A |
| XOOPS 2.5.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/system/xoops_version.php and certain other files. | |||||
| CVE-2011-3782 | 1 Phplinkdirectory | 1 Phpld | 2012-05-21 | 5.0 MEDIUM | N/A |
| phpLD 2-151.2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by libs/smarty/Smarty_Compiler.class.php and certain other files. | |||||
| CVE-2011-3806 | 1 Tecnick | 1 Tcexam | 2012-05-21 | 5.0 MEDIUM | N/A |
| TCExam 11.1.015 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/code/tce_page_footer.php and certain other files. | |||||
| CVE-2011-3817 | 1 Websitebaker2 | 1 Website Baker | 2012-05-21 | 5.0 MEDIUM | N/A |
| Website Baker 2.8.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/media/parameters.php and certain other files. NOTE: this might overlap CVE-2005-2436. | |||||
| CVE-2011-3785 | 1 Phppointofsale | 1 Php Point Of Sale | 2012-05-21 | 5.0 MEDIUM | N/A |
| PHP Point Of Sale (POS) 10.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files. | |||||
| CVE-2011-2042 | 1 Cisco | 1 Ciscoworks Common Services | 2012-05-14 | 5.0 MEDIUM | N/A |
| The Sybase SQL Anywhere database component in Cisco CiscoWorks Common Services 3.x and 4.x before 4.1 allows remote attackers to obtain potentially sensitive information about the engine name and database port via an unspecified request to UDP port 2638, aka Bug ID CSCsk35018. | |||||
| CVE-2011-1162 | 1 Linux | 1 Linux Kernel | 2012-03-19 | 2.1 LOW | N/A |
| The tpm_read function in the Linux kernel 2.6 does not properly clear memory, which might allow local users to read the results of the previous TPM command. | |||||