CVE List - 2011 / September
Showing 201 - 300 of 387 CVEs for September 2011 (Page 3 of 4)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2011-3697 | 2011-09-23 | Achievo 1.4.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/graph/jpgraph/jpgraph_radar.php... |
| CVE-2011-3698 | 2011-09-23 | AdaptCMS 2.0.2 Beta allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by... |
| CVE-2011-3699 | 2011-09-23 | John Lim ADOdb Library for PHP 5.11 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error... |
| CVE-2011-3700 | 2011-09-23 | Advanced Electron Forum (AEF) 1.0.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as... |
| CVE-2011-3701 | 2011-09-23 | AlegroCart 1.2.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by common.php... |
| CVE-2011-3702 | 2011-09-23 | Ananta Gazelle 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by... |
| CVE-2011-3703 | 2011-09-23 | AneCMS 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by widgets/menu/index.php... |
| CVE-2011-3704 | 2011-09-23 | appRain 0.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by cron.php. |
| CVE-2011-3705 | 2011-09-23 | Arctic Fox CMS 0.9.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated... |
| CVE-2011-3706 | 2011-09-23 | ATutor 2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by users/tool_settings.inc.php... |
| CVE-2011-3707 | 2011-09-23 | JanRain PHP OpenID library (aka php-openid) 2.2.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error... |
| CVE-2011-3708 | 2011-09-23 | Automne 4.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/page-redirect-info.php. |
| CVE-2011-3709 | 2011-09-23 | b2evolution 3.3.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by locales/ru_RU/ru-RU.locale.php... |
| CVE-2011-3710 | 2011-09-23 | bbPress 1.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by bb-templates/kakumei/view.php... |
| CVE-2011-3711 | 2011-09-23 | BIGACE 2.7.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/libs/javascript.inc.php... |
| CVE-2011-3712 | 2011-09-23 | CakePHP 1.3.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by dispatcher.php... |
| CVE-2011-3714 | 2011-09-23 | ClanSphere 2010.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by mods/board/attachment.php. |
| CVE-2011-3715 | 2011-09-23 | ClanTiger 1.1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by widgets/statistics/statistics.php... |
| CVE-2011-3716 | 2011-09-23 | Claroline 1.9.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by work/connector/linker.cnr.php... |
| CVE-2011-3717 | 2011-09-23 | ClipBucket 2.0.9 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/signup_captcha/signup_captcha.php... |
| CVE-2011-3718 | 2011-09-23 | CMS Made Simple (CMSMS) 1.9.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as... |
| CVE-2011-3719 | 2011-09-23 | CodeIgniter 1.7.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php... |
| CVE-2011-3721 | 2011-09-23 | concrete 5.4.0.5, 5.4.1, and 5.4.1.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as... |
| CVE-2011-3722 | 2011-09-23 | Coppermine Photo Gallery (CPG) 1.5.12 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as... |
| CVE-2011-3723 | 2011-09-23 | Crafty Syntax 3.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by... |
| CVE-2011-3724 | 2011-09-23 | CubeCart 4.4.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/shipping/USPS/calc.php... |
| CVE-2011-3725 | 2011-09-23 | DeluxeBB 1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by header_html.php. |
| CVE-2011-3726 | 2011-09-23 | DoceboLMS 4.0.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by views/dummy/show.php... |
| CVE-2011-3728 | 2011-09-23 | Dolphin 7.0.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xmlrpc/BxDolXMLRPCProfileView.php... |
| CVE-2011-3729 | 2011-09-23 | dotproject 2.1.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by style/dp-grey-theme/footer.php... |
| CVE-2011-3730 | 2011-09-23 | Drupal 7.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/simpletest/tests/upgrade/drupal-6.upload.database.php... |
| CVE-2011-3731 | 2011-09-23 | e107 0.7.24 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by e107_plugins/pdf/e107pdf.php... |
| CVE-2011-3732 | 2011-09-23 | eggBlog 4.1.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by _lib/fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php... |
| CVE-2011-3733 | 2011-09-23 | Elgg 1.7.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by vendors/simpletest/test/visual_test.php... |
| CVE-2011-3734 | 2011-09-23 | Energine 2.3.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by core/framework/SimpleBuilder.class.php... |
| CVE-2011-3735 | 2011-09-23 | Escort Agency CMS (aka escort-agency-cms) allows remote attackers to obtain sensitive information via crafted array parameters in a request to a .php file, which reveals the installation path in an... |
| CVE-2011-3736 | 2011-09-23 | ExoPHPDesk 1.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by upgrades/upgrade9.php... |
| CVE-2011-3737 | 2011-09-23 | eyeOS 2.2.0.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by apps/rmail/webmail/program/lib/Net/SMTP.php... |
| CVE-2011-3738 | 2011-09-23 | Feng Office 1.7.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by... |
| CVE-2011-3739 | 2011-09-23 | Freeway 1.5 Alpha allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by... |
| CVE-2011-3740 | 2011-09-23 | FrontAccounting 2.3.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by reporting/includes/fpdi/fpdi2tcpdf_bridge.php... |
| CVE-2011-3741 | 2011-09-23 | Ganglia 3.1.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by host_view.php... |
| CVE-2011-3742 | 2011-09-23 | HelpCenter Live 2.1.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by... |
| CVE-2011-3743 | 2011-09-23 | Hesk 2.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by inc/footer.inc.php... |
| CVE-2011-3744 | 2011-09-23 | HTML Purifier 4.2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by... |
| CVE-2011-3745 | 2011-09-23 | HycusCMS 1.0.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/hycus_template/template.php. |
| CVE-2011-3746 | 2011-09-23 | Jcow 4.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/default/page.tpl.php... |
| CVE-2011-3747 | 2011-09-23 | Joomla! 1.6.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by libraries/phpmailer/language/phpmailer.lang-joomla.php. |
| CVE-2011-3748 | 2011-09-23 | Kamads Classifieds 2_B3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by... |
| CVE-2011-3749 | 2011-09-23 | ka-Map 1.0-20070205 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by test.php... |
| CVE-2011-3750 | 2011-09-23 | kPlaylist 1.8.502 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by getid3/getid3/write.id3v1.php... |
| CVE-2011-3751 | 2011-09-23 | LifeType 1.2.10 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/badbehavior/pluginbadbehavior.class.php. |
| CVE-2011-3752 | 2011-09-23 | LimeSurvey 1.90+ build9642-20101214 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by... |
| CVE-2011-3753 | 2011-09-23 | LinPHA 1.3.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by viewer.php... |
| CVE-2011-3754 | 2011-09-23 | Mambo 4.6.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/sef.php... |
| CVE-2011-3756 | 2011-09-23 | MicroBlog 0.9.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by init.php... |
| CVE-2011-3757 | 2011-09-23 | Moodle 2.0.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by webservice/xmlrpc/locallib.php... |
| CVE-2011-3758 | 2011-09-23 | ::mound:: 2.1.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by lib/smarty/libs/sysplugins/smarty_internal_template.php... |
| CVE-2011-3759 | 2011-09-23 | MyBB (aka MyBulletinBoard) 1.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated... |
| CVE-2011-3760 | 2011-09-24 | Nucleus 3.61 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xmlrpc/api_nucleus.inc.php... |
| CVE-2011-3761 | 2011-09-24 | NuSOAP 0.9.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by nuSOAP/classes/class.wsdl.php... |
| CVE-2011-3762 | 2011-09-24 | OpenBlog 1.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php... |
| CVE-2011-3763 | 2011-09-24 | OpenCart 1.4.9.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/startup.php... |
| CVE-2011-3764 | 2011-09-24 | OpenDocMan 1.2.6-svn-2011-01-21 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by User_Perms_class.php... |
| CVE-2011-3765 | 2011-09-24 | Open-Realty 2.5.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by install/versions/upgrade_115.inc.php... |
| CVE-2011-3766 | 2011-09-24 | OrangeHRM 2.6.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/orange/menu/Menu.php... |
| CVE-2011-3767 | 2011-09-24 | osCommerce 3.0a5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by redirect.php. |
| CVE-2011-3768 | 2011-09-24 | Phorum 5.2.15a allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by css.php... |
| CVE-2011-3769 | 2011-09-24 | PHPads 2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by ads.inc.php. |
| CVE-2011-3770 | 2011-09-24 | phpAlbum 0.4.1.14 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/Flowing_Dark/parameters.tpl.php... |
| CVE-2011-3771 | 2011-09-24 | phpBook 2.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by doc/update_smilies_1.50-1.60.php... |
| CVE-2011-3773 | 2011-09-24 | PHPDevShell 3.0.0-Beta-4b allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by gzip.php. |
| CVE-2011-3774 | 2011-09-24 | php Easy Survey Package (phpESP) 2.1.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message,... |
| CVE-2011-3775 | 2011-09-24 | PHPfileNavigator 2.3.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xestion/varios/logs.inc.php... |
| CVE-2011-3776 | 2011-09-24 | phpFormGenerator 2.09 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by forms/process.php. |
| CVE-2011-3777 | 2011-09-24 | phpFreeChat 1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/zilveer/style.css.php... |
| CVE-2011-3778 | 2011-09-24 | PhpGedView 4.2.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by serviceClientTest.php... |
| CVE-2011-3814 | 2011-09-24 | WebCalendar 1.2.3, and other versions before 1.2.5, allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error... |
| CVE-2011-3772 | 2011-09-24 | phpCollab 2.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by topics/noti_newtopic.php... |
| CVE-2011-3779 | 2011-09-24 | PhpHostBot 2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/create_acct.php... |
| CVE-2011-3780 | 2011-09-24 | PHP iCalendar 2.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by... |
| CVE-2011-3781 | 2011-09-24 | PHPIDS 0.6.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tests/IDS/VersionTest.php... |
| CVE-2011-3782 | 2011-09-24 | phpLD 2-151.2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by libs/smarty/Smarty_Compiler.class.php... |
| CVE-2011-3783 | 2011-09-24 | phpMyFAQ 2.6.13 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by lang/language_uk.php... |
| CVE-2011-3784 | 2011-09-24 | Francisco Burzi PHP-Nuke 8.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated... |
| CVE-2011-3785 | 2011-09-24 | PHP Point Of Sale (POS) 10.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message,... |
| CVE-2011-3786 | 2011-09-24 | PHProjekt 6.0.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Setup/Controllers/IndexController.php. |
| CVE-2011-3787 | 2011-09-24 | phpScheduleIt 1.2.12 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/schedule.template.php... |
| CVE-2011-3788 | 2011-09-24 | PhpSecInfo 0.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by Test/Test_Suhosin.php... |
| CVE-2011-3789 | 2011-09-24 | phpwcms 1.4.7 r412 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by... |
| CVE-2011-3790 | 2011-09-24 | Piwigo 2.1.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by tools/metadata.php... |
| CVE-2011-3791 | 2011-09-24 | Piwik 1.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/Widgetize/Widgetize.php... |
| CVE-2011-3792 | 2011-09-24 | Pixelpost 1.7.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/functions_feeds.php... |
| CVE-2011-3793 | 2011-09-24 | Pixie 1.04 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/modules/static.php... |
| CVE-2011-3794 | 2011-09-24 | Pligg CMS 1.1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by... |
| CVE-2011-3795 | 2011-09-24 | Podcast Generator 1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by... |
| CVE-2011-3796 | 2011-09-24 | PrestaShop 1.4.0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by product-sort.php... |
| CVE-2011-3797 | 2011-09-24 | ProjectPier 0.8.0.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/upgrade/templates/layout.php... |
| CVE-2011-3798 | 2011-09-24 | Rapid Leech 2.3-v42-svn322 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by... |
| CVE-2011-3799 | 2011-09-24 | ReOS 2.0.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by padmin/blocks/vergal.php... |