Total
10358 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-4014 | 1 Cisco | 1 Wireless Control System Software | 2025-04-11 | N/A |
| The TAC Case Attachment tool in Cisco Wireless Control System (WCS) 7.0 allows remote authenticated users to read arbitrary files under webnms/Temp/ via unspecified vectors, aka Bug ID CSCtq86807. | ||||
| CVE-2011-3816 | 1 Webinsta | 1 Mailing List Manager | 2025-04-11 | N/A |
| WEBinsta mailing list manager 1.3e allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by install/install3.php and certain other files. | ||||
| CVE-2010-0523 | 1 Apple | 1 Mac Os X Server | 2025-04-11 | N/A |
| Wiki Server in Apple Mac OS X 10.5.8 does not restrict the file types of uploaded files, which allows remote attackers to obtain sensitive information or possibly have unspecified other impact via a crafted file, as demonstrated by a Java applet. | ||||
| CVE-2011-3815 | 1 Webidsupport | 1 Webid | 2025-04-11 | N/A |
| WeBid 1.0.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by js/calendar.php and certain other files. | ||||
| CVE-2011-3814 | 1 K5n | 1 Webcalendar | 2025-04-11 | N/A |
| WebCalendar 1.2.3, and other versions before 1.2.5, allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by ws/user_mod.php and certain other files. | ||||
| CVE-2011-3813 | 1 Vwar | 1 Virtual War | 2025-04-11 | N/A |
| Virtual War (aka VWar) 1.5.0r15 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by includes/language/dutch.inc.php and certain other files. | ||||
| CVE-2010-2333 | 1 Litespeedtech | 1 Litespeed Web Server | 2025-04-11 | N/A |
| LiteSpeed Technologies LiteSpeed Web Server 4.0.x before 4.0.15 allows remote attackers to read the source code of scripts via an HTTP request with a null byte followed by a .txt file extension. | ||||
| CVE-2011-3812 | 1 Vanillaforums | 1 Vanilla | 2025-04-11 | N/A |
| Vanilla 2.0.16 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/Minify/min/utils.php and certain other files. | ||||
| CVE-2011-3811 | 1 Tomatocart | 1 Tomatocart | 2025-04-11 | N/A |
| TomatoCart 1.1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/system/offline.php and certain other files. | ||||
| CVE-2011-3800 | 1 S9y | 1 Serendipity | 2025-04-11 | N/A |
| Serendipity 1.5.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/newspaper/layout.php and certain other files. | ||||
| CVE-2010-1157 | 2 Apache, Redhat | 3 Tomcat, Jboss Enterprise Application Platform, Jboss Enterprise Web Server | 2025-04-11 | N/A |
| Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires (1) BASIC or (2) DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the reply. | ||||
| CVE-2011-3799 | 1 Elazos | 1 Reos | 2025-04-11 | N/A |
| ReOS 2.0.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by padmin/blocks/vergal.php and certain other files. | ||||
| CVE-2011-3798 | 1 Rapidleech | 1 Rapidleech | 2025-04-11 | N/A |
| Rapid Leech 2.3-v42-svn322 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by classes/pear.php and certain other files. | ||||
| CVE-2011-3797 | 1 Projectpier | 1 Projectpier | 2025-04-11 | N/A |
| ProjectPier 0.8.0.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/upgrade/templates/layout.php and certain other files. | ||||
| CVE-2011-3796 | 1 Prestashop | 1 Prestashop | 2025-04-11 | N/A |
| PrestaShop 1.4.0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by product-sort.php and certain other files. | ||||
| CVE-2013-6480 | 1 Apache | 1 Libcloud | 2025-04-11 | N/A |
| Libcloud 0.12.3 through 0.13.2 does not set the scrub_data parameter for the destroy DigitalOcean API, which allows local users to obtain sensitive information by leveraging a new VM. | ||||
| CVE-2011-3795 | 1 Betella | 1 Podcast Generator | 2025-04-11 | N/A |
| Podcast Generator 1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by core/themes.php and certain other files. | ||||
| CVE-2011-3794 | 1 Pligg | 1 Pligg Cms | 2025-04-11 | N/A |
| Pligg CMS 1.1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by widgets/statistics/init.php and certain other files. | ||||
| CVE-2010-1860 | 1 Php | 1 Php | 2025-04-11 | N/A |
| The html_entity_decode function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information (memory contents) or trigger memory corruption by causing a userspace interruption of an internal call, related to the call time pass by reference feature. | ||||
| CVE-2011-3772 | 1 Php-collab | 1 Phpcollab | 2025-04-11 | N/A |
| phpCollab 2.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by topics/noti_newtopic.php and certain other files. | ||||