Max CVSS 5.0 Min CVSS 5.0 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2011-3696 5.0
60cycleCMS 2.5.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by post.php and certain other files.
25-08-2021 - 20:30 23-09-2011 - 23:55
CVE-2011-3793 5.0
Pixie 1.04 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/modules/static.php and certain other files.
29-03-2021 - 12:16 24-09-2011 - 00:55
CVE-2011-3791 5.0
Piwik 1.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/Widgetize/Widgetize.php and certain other files.
21-11-2019 - 13:30 24-09-2011 - 00:55
CVE-2011-3769 5.0
PHPads 2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by ads.inc.php.
29-08-2017 - 01:30 24-09-2011 - 00:55
CVE-2011-3770 5.0
phpAlbum 0.4.1.14 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/Flowing_Dark/parameters.tpl.php and certain other files.
29-08-2017 - 01:30 24-09-2011 - 00:55
CVE-2011-3777 5.0
phpFreeChat 1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/zilveer/style.css.php and certain other files.
29-08-2017 - 01:30 24-09-2011 - 00:55
CVE-2011-3760 5.0
Nucleus 3.61 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xmlrpc/api_nucleus.inc.php and certain other files.
29-08-2017 - 01:30 24-09-2011 - 00:55
CVE-2011-3778 5.0
PhpGedView 4.2.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by serviceClientTest.php and certain other files.
29-08-2017 - 01:30 24-09-2011 - 00:55
CVE-2011-3767 5.0
osCommerce 3.0a5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by redirect.php.
29-08-2017 - 01:30 24-09-2011 - 00:55
CVE-2011-3774 5.0
php Easy Survey Package (phpESP) 2.1.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/landing.php and certain other files
29-08-2017 - 01:30 24-09-2011 - 00:55
CVE-2011-3713 5.0
cFTP r80 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/session_check.php and certain other files.
29-08-2017 - 01:30 23-09-2011 - 23:55
CVE-2011-3766 5.0
OrangeHRM 2.6.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/orange/menu/Menu.php and certain other files.
29-08-2017 - 01:30 24-09-2011 - 00:55
CVE-2011-3764 5.0
OpenDocMan 1.2.6-svn-2011-01-21 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by User_Perms_class.php and certain other files.
29-08-2017 - 01:30 24-09-2011 - 00:55
CVE-2011-3773 5.0
PHPDevShell 3.0.0-Beta-4b allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by gzip.php.
29-08-2017 - 01:30 24-09-2011 - 00:55
CVE-2011-3765 5.0
Open-Realty 2.5.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by install/versions/upgrade_115.inc.php and certain other files.
29-08-2017 - 01:30 24-09-2011 - 00:55
CVE-2011-3762 5.0
OpenBlog 1.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files.
29-08-2017 - 01:30 24-09-2011 - 00:55
CVE-2011-3763 5.0
OpenCart 1.4.9.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/startup.php and certain other files.
29-08-2017 - 01:30 24-09-2011 - 00:55
CVE-2011-3775 5.0
PHPfileNavigator 2.3.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xestion/varios/logs.inc.php and certain other files.
29-08-2017 - 01:30 24-09-2011 - 00:55
CVE-2011-3771 5.0
phpBook 2.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by doc/update_smilies_1.50-1.60.php and certain other files.
29-08-2017 - 01:30 24-09-2011 - 00:55
CVE-2011-3768 5.0
Phorum 5.2.15a allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by css.php and certain other files.
29-08-2017 - 01:30 24-09-2011 - 00:55
CVE-2011-3776 5.0
phpFormGenerator 2.09 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by forms/process.php.
29-08-2017 - 01:30 24-09-2011 - 00:55
CVE-2011-3761 5.0
NuSOAP 0.9.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by nuSOAP/classes/class.wsdl.php and certain other files.
29-08-2017 - 01:30 24-09-2011 - 00:55
CVE-2011-2891 5.0
Joomla! 1.6.x before 1.6.2 allows remote attackers to obtain sensitive information via an empty Itemid array parameter to index.php, which reveals the installation path in an error message, a different vulnerability than CVE-2011-2488.
29-08-2017 - 01:29 27-07-2011 - 20:55
CVE-2011-3727 5.0
DokuWiki 2009-12-25c allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by lib/tpl/index.php and certain other files.
13-12-2013 - 04:52 23-09-2011 - 23:55
CVE-2011-3755 5.0
MantisBT 1.2.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by view_all_inc.php and certain other files.
27-08-2013 - 03:17 23-09-2011 - 23:55
CVE-2011-3798 5.0
Rapid Leech 2.3-v42-svn322 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by classes/pear.php and certain other files.
24-10-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3814 5.0
WebCalendar 1.2.3, and other versions before 1.2.5, allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by ws/user_mod.php and certain o
13-10-2012 - 03:16 24-09-2011 - 00:55
CVE-2011-3772 5.0
phpCollab 2.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by topics/noti_newtopic.php and certain other files.
31-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3779 5.0
PhpHostBot 2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/create_acct.php and certain other files.
31-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3813 5.0
Virtual War (aka VWar) 1.5.0r15 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/language/dutch.inc.php and certain other
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3800 5.0
Serendipity 1.5.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/newspaper/layout.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3785 5.0
PHP Point Of Sale (POS) 10.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3811 5.0
TomatoCart 1.1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/system/offline.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3818 5.0
WordPress 2.9.2 and 3.0.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by wp-admin/includes/user.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3795 5.0
Podcast Generator 1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by core/themes.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3821 5.0
xajax 0.6 beta1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xajax_core/plugin_layer/xajaxScriptPlugin.inc.php and certain oth
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3806 5.0
TCExam 11.1.015 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/code/tce_page_footer.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3804 5.0
SweetRice 0.7.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by _plugin/tiny_mce/plugins/advimage/images.php.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3788 5.0
PhpSecInfo 0.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Test/Test_Suhosin.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3825 5.0
Zend Framework 1.11.3 in Zend Server CE 5.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Validate.php and certain other file
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3807 5.0
Textpattern 4.2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by lib/txplib_db.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3799 5.0
ReOS 2.0.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by padmin/blocks/vergal.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3782 5.0
phpLD 2-151.2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by libs/smarty/Smarty_Compiler.class.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3824 5.0
Your Own URL Shortener (YOURLS) 1.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/auth.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3819 5.0
WoW Server Status 4.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by status.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3802 5.0
StatusNet 0.9.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tpl/index.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3787 5.0
phpScheduleIt 1.2.12 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/schedule.template.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3820 5.0
WSN Software 6.0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/prestart.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3803 5.0
SugarCRM 6.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/Sugar5/layout_utils.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3784 5.0
Francisco Burzi PHP-Nuke 8.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/Odyssey/theme.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3817 5.0
Website Baker 2.8.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/media/parameters.php and certain other files. NOTE: th
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3801 5.0
SimpleTest 1.0.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by test/visual_test.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3797 5.0
ProjectPier 0.8.0.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/upgrade/templates/layout.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3781 5.0
PHPIDS 0.6.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tests/IDS/VersionTest.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3809 5.0
TheHostingTool (THT) 1.2.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/pear/Mail/smtp.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3780 5.0
PHP iCalendar 2.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by rss/rss_common.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3822 5.0
XOOPS 2.5.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/system/xoops_version.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3805 5.0
TaskFreak! multi-mysql-0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by include/language/zh/register_info.php and certain othe
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3789 5.0
phpwcms 1.4.7 r412 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by template/inc_script/frontend_render/disabled/majonavi.php and
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3808 5.0
The Bug Genie 2.1.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/svn_integration/config.inc.php and certain other file
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3783 5.0
phpMyFAQ 2.6.13 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by lang/language_uk.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3812 5.0
Vanilla 2.0.16 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/Minify/min/utils.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3794 5.0
Pligg CMS 1.1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by widgets/statistics/init.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3816 5.0
WEBinsta mailing list manager 1.3e allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by install/install3.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3796 5.0
PrestaShop 1.4.0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by product-sort.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3826 5.0
Zikula 1.2.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/voodoodolly/version.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3810 5.0
TinyWebGallery (TWG) 1.8.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by i_frames/i_register.php.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3792 5.0
Pixelpost 1.7.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/functions_feeds.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3823 5.0
Yamamah 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/default/index.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3790 5.0
Piwigo 2.1.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tools/metadata.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3786 5.0
PHProjekt 6.0.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Setup/Controllers/IndexController.php.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3815 5.0
WeBid 1.0.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by js/calendar.php and certain other files.
21-05-2012 - 04:00 24-09-2011 - 00:55
CVE-2011-3726 5.0
DoceboLMS 4.0.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by views/dummy/show.php and certain other files.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3710 5.0
bbPress 1.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by bb-templates/kakumei/view.php and certain other files.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3729 5.0
dotproject 2.1.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by style/dp-grey-theme/footer.php and certain other files.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3711 5.0
BIGACE 2.7.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/libs/javascript.inc.php and certain other files.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3699 5.0
John Lim ADOdb Library for PHP 5.11 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tests/test-active-record.php and certain othe
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3709 5.0
b2evolution 3.3.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by locales/ru_RU/ru-RU.locale.php and certain other files.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3700 5.0
Advanced Electron Forum (AEF) 1.0.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by languages/english/deletetopic_lang.php.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3706 5.0
ATutor 2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by users/tool_settings.inc.php and certain other files.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3697 5.0
Achievo 1.4.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/graph/jpgraph/jpgraph_radar.php and certain other files.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3712 5.0
CakePHP 1.3.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by dispatcher.php and certain other files.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3723 5.0
Crafty Syntax 3.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by README_FILES/livehelp.php and certain other files.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3695 5.0
111WebCalendar 1.2.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by footer.php and certain other files.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3722 5.0
Coppermine Photo Gallery (CPG) 1.5.12 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by include/inspekt.php and certain other files
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3702 5.0
Ananta Gazelle 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/template.php and certain other files.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3725 5.0
DeluxeBB 1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by header_html.php.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3715 5.0
ClanTiger 1.1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by widgets/statistics/statistics.php and certain other files.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3724 5.0
CubeCart 4.4.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/shipping/USPS/calc.php and certain other files.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3708 5.0
Automne 4.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/page-redirect-info.php.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3701 5.0
AlegroCart 1.2.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by common.php and certain other files.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3719 5.0
CodeIgniter 1.7.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3732 5.0
eggBlog 4.1.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by _lib/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-s
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3717 5.0
ClipBucket 2.0.9 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/signup_captcha/signup_captcha.php and certain other file
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3704 5.0
appRain 0.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by cron.php.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3721 5.0
concrete 5.4.0.5, 5.4.1, and 5.4.1.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tools/spellchecker_service.php and certain o
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3728 5.0
Dolphin 7.0.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xmlrpc/BxDolXMLRPCProfileView.php and certain other files.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3714 5.0
ClanSphere 2010.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by mods/board/attachment.php.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3703 5.0
AneCMS 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by widgets/menu/index.php and certain other files.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3730 5.0
Drupal 7.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/simpletest/tests/upgrade/drupal-6.upload.database.php and cert
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3718 5.0
CMS Made Simple (CMSMS) 1.9.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/TinyMCE/TinyMCE.module.php and certain othe
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3707 5.0
JanRain PHP OpenID library (aka php-openid) 2.2.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Auth/Yadis/Yadis.php and certai
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3698 5.0
AdaptCMS 2.0.2 Beta allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by inc/poll_vote.php and certain other files.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3731 5.0
e107 0.7.24 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by e107_plugins/pdf/e107pdf.php and certain other files.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3716 5.0
Claroline 1.9.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by work/connector/linker.cnr.php and certain other files.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3705 5.0
Arctic Fox CMS 0.9.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by acp/includes/edit.inc.php and certain other files.
13-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3756 5.0
MicroBlog 0.9.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by init.php and certain other files.
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3742 5.0
HelpCenter Live 2.1.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/HelpCenter/index.php and certain other files.
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3751 5.0
LifeType 1.2.10 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/badbehavior/pluginbadbehavior.class.php.
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3744 5.0
HTML Purifier 4.2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tests/PHPT/Reporter/SimpleTest.php and certain other files.
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3749 5.0
ka-Map 1.0-20070205 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by test.php and certain other files.
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3734 5.0
Energine 2.3.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by core/framework/SimpleBuilder.class.php and certain other files.
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3753 5.0
LinPHA 1.3.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by viewer.php and certain other files.
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3738 5.0
Feng Office 1.7.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/upgrade/templates/layout.php and certain other files.
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3754 5.0
Mambo 4.6.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/sef.php and certain other files.
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3740 5.0
FrontAccounting 2.3.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by reporting/includes/fpdi/fpdi2tcpdf_bridge.php and certain o
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3750 5.0
kPlaylist 1.8.502 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by getid3/getid3/write.id3v1.php and certain other files.
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3741 5.0
Ganglia 3.1.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by host_view.php and certain other files.
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3757 5.0
Moodle 2.0.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by webservice/xmlrpc/locallib.php and certain other files.
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3737 5.0
eyeOS 2.2.0.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by apps/rmail/webmail/program/lib/Net/SMTP.php and certain other files
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3739 5.0
Freeway 1.5 Alpha allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/Freeway/boxes/last_product.php and certain other file
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3748 5.0
Kamads Classifieds 2_B3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by V2A_XHTML/style/view.php and certain other files.
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3733 5.0
Elgg 1.7.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by vendors/simpletest/test/visual_test.php and certain other files.
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3747 5.0
Joomla! 1.6.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by libraries/phpmailer/language/phpmailer.lang-joomla.php.
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3735 5.0
Escort Agency CMS (aka escort-agency-cms) allows remote attackers to obtain sensitive information via crafted array parameters in a request to a .php file, which reveals the installation path in an error message, as demonstrated by makethumb.php and
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3759 5.0
MyBB (aka MyBulletinBoard) 1.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by inc/3rdparty/diff/Diff/ThreeWay.php and certain ot
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3743 5.0
Hesk 2.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by inc/footer.inc.php and certain other files.
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3758 5.0
::mound:: 2.1.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by lib/smarty/libs/sysplugins/smarty_internal_template.php and certa
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3745 5.0
HycusCMS 1.0.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/hycus_template/template.php.
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3752 5.0
LimeSurvey 1.90+ build9642-20101214 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/statistics.php and certain other files.
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3736 5.0
ExoPHPDesk 1.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by upgrades/upgrade9.php and certain other files.
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3746 5.0
Jcow 4.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/default/page.tpl.php and certain other files.
12-03-2012 - 04:00 23-09-2011 - 23:55
CVE-2011-3720 5.0
conceptcms 5.3.1, 5.3.3, and possibly other versions allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by sys_libs/umlib/um_authserver
21-10-2011 - 02:56 23-09-2011 - 23:55
Back to Top Mark selected
Back to Top