Total
7102 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-3730 | 1 Drupal | 1 Drupal | 2012-03-13 | 5.0 MEDIUM | N/A |
| Drupal 7.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/simpletest/tests/upgrade/drupal-6.upload.database.php and certain other files. | |||||
| CVE-2011-3731 | 1 E107 | 1 E107 | 2012-03-13 | 5.0 MEDIUM | N/A |
| e107 0.7.24 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by e107_plugins/pdf/e107pdf.php and certain other files. | |||||
| CVE-2011-3732 | 1 Eggblog | 1 Eggblog | 2012-03-13 | 5.0 MEDIUM | N/A |
| eggBlog 4.1.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by _lib/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php and certain other files. | |||||
| CVE-2011-3704 | 1 Apprain | 1 Apprain | 2012-03-13 | 5.0 MEDIUM | N/A |
| appRain 0.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by cron.php. | |||||
| CVE-2011-3719 | 1 Codeigniter | 1 Codeigniter | 2012-03-13 | 5.0 MEDIUM | N/A |
| CodeIgniter 1.7.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files. | |||||
| CVE-2011-3724 | 1 Cubecart | 1 Cubecart | 2012-03-13 | 5.0 MEDIUM | N/A |
| CubeCart 4.4.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/shipping/USPS/calc.php and certain other files. | |||||
| CVE-2011-3725 | 1 Deluxebb | 1 Deluxebb | 2012-03-13 | 5.0 MEDIUM | N/A |
| DeluxeBB 1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by header_html.php. | |||||
| CVE-2011-3714 | 1 Csphere | 1 Clansphere | 2012-03-13 | 5.0 MEDIUM | N/A |
| ClanSphere 2010.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by mods/board/attachment.php. | |||||
| CVE-2011-3726 | 1 Docebo | 1 Docebolms | 2012-03-13 | 5.0 MEDIUM | N/A |
| DoceboLMS 4.0.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by views/dummy/show.php and certain other files. | |||||
| CVE-2011-3718 | 1 Cmsmadesimple | 1 Cms Made Simple | 2012-03-13 | 5.0 MEDIUM | N/A |
| CMS Made Simple (CMSMS) 1.9.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/TinyMCE/TinyMCE.module.php and certain other files. NOTE: this might overlap CVE-2007-5444. | |||||
| CVE-2011-3700 | 1 Anelectron | 1 Advanced Electron Forum | 2012-03-13 | 5.0 MEDIUM | N/A |
| Advanced Electron Forum (AEF) 1.0.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by languages/english/deletetopic_lang.php. | |||||
| CVE-2011-3729 | 1 Dotproject | 1 Dotproject | 2012-03-13 | 5.0 MEDIUM | N/A |
| dotproject 2.1.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by style/dp-grey-theme/footer.php and certain other files. | |||||
| CVE-2011-3716 | 1 Claroline | 1 Claroline | 2012-03-13 | 5.0 MEDIUM | N/A |
| Claroline 1.9.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by work/connector/linker.cnr.php and certain other files. | |||||
| CVE-2011-3703 | 1 Anecms | 1 Anecms | 2012-03-13 | 5.0 MEDIUM | N/A |
| AneCMS 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by widgets/menu/index.php and certain other files. | |||||
| CVE-2011-3710 | 1 Bbpress | 1 Bbpress | 2012-03-13 | 5.0 MEDIUM | N/A |
| bbPress 1.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by bb-templates/kakumei/view.php and certain other files. | |||||
| CVE-2011-3723 | 1 Craftysyntax | 1 Crafty Syntax | 2012-03-13 | 5.0 MEDIUM | N/A |
| Crafty Syntax 3.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by README_FILES/livehelp.php and certain other files. | |||||
| CVE-2011-3745 | 1 Hycus | 1 Hycus Cms | 2012-03-12 | 5.0 MEDIUM | N/A |
| HycusCMS 1.0.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/hycus_template/template.php. | |||||
| CVE-2011-3754 | 1 Mambo-foundation | 1 Mambo | 2012-03-12 | 5.0 MEDIUM | N/A |
| Mambo 4.6.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/sef.php and certain other files. | |||||
| CVE-2011-3751 | 1 Lifetype | 1 Lifetype | 2012-03-12 | 5.0 MEDIUM | N/A |
| LifeType 1.2.10 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/badbehavior/pluginbadbehavior.class.php. | |||||
| CVE-2011-3759 | 1 Mybb | 1 Mybb | 2012-03-12 | 5.0 MEDIUM | N/A |
| MyBB (aka MyBulletinBoard) 1.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by inc/3rdparty/diff/Diff/ThreeWay.php and certain other files. | |||||