Searching reveals software vulnerabilities

The file transfer component of AOL Instant Mess

component | Messenger | transfer | Instant | file | AOL |

The file transfer component of AOL Instant Messenger (AIM) reveals the physical path of the transferred file to the remote recipient.


The Snoop servlet in Jakarta Tomcat 3.1 and 3.0

information | nonexistent | sensitive | extension | attacker | requests | servlet | Jakarta | reveals | remote | Tomcat | Apache | system | Snoop | under | snp | URL |

The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension.


The sample Java servlet "test" in Bajie HTTP we

pathname | document | reveals | servlet | server | sample | "test" | Bajie | real | HTTP | Java | 030a | root | web |

The sample Java servlet "test" in Bajie HTTP web server 0.30a reveals the real pathname of the web document root.


csFAQ.cgi in csFAQ allows remote attackers to g

information | attackers | sensitive | parameter | csFAQcgi | database | invalid | reveals | message | allows | server | remote | csFAQ | error | which | gain | path | web | via |

csFAQ.cgi in csFAQ allows remote attackers to gain sensitive information via an invalid database parameter, which reveals the path to the web server in an error message.


The search module in Php-Nuke allows remote att

information | attackers | sensitive | Php-Nuke | remote | module | search | allows | gain | via |

The search module in Php-Nuke allows remote attackers to gain sensitive information via the (1) "**" or (2) "+" search patterns, which reveals the path in an error message.


codebrowserpntm.php in PnTresMailer 6.03 allows

codebrowserpntmphp | PnTresMailer |

codebrowserpntm.php in PnTresMailer 6.03 allows remote attackers to gain sensitive information via an invalid filetohighlight parameter, which reveals the full path in an error message.


WHM AutoPilot 2.4.6.5 and earlier allows remote

AutoPilot | WHM |

WHM AutoPilot 2.4.6.5 and earlier allows remote attackers to gain sensitive information via phpinfo, which reveals php settings.


validate.php in WebCalendar allows remote attac

encoded_login | information | validatephp | WebCalendar | sensitive | parameter | attackers | invalid | reveals | message | remote | allows | error | which | gain | path | full | via |

validate.php in WebCalendar allows remote attackers to gain sensitive information via an invalid encoded_login parameter, which reveals the full path in an error message.


index.php in PHP Links allows remote attackers

information | sensitive | attackers | parameter | indexphp | invalid | message | reveals | allows | remote | which | Links | error | path | full | show | gain | PHP | via |

index.php in PHP Links allows remote attackers to gain sensitive information via an invalid show parameter, which reveals the full path in an error message.


index.php in CoolPHP 1.0-stable allows remote a

information | attackers | sensitive | parameter | 10-stable | indexphp | CoolPHP | invalid | message | reveals | remote | allows | error | which | gain | path | via |

index.php in CoolPHP 1.0-stable allows remote attackers to gain sensitive information via an invalid op parameter, which reveals the path in an error message.


phProfession 2.5 allows remote attackers to gai

phProfession | information | uploadphp | sensitive | attackers | request | message | reveals | direct | remote | allows | error | which | HTTP | path | gain | via | PHP |

phProfession 2.5 allows remote attackers to gain sensitive information via a direct HTTP request to upload.php, which reveals the path in a PHP error message.


The file server in ActivePost Standard 3.1 and

authenticated | information | ActivePost | sensitive | uploading | Standard | success | message | reveals | earlier | allows | server | obtain | remote | users | which | file | path |

The file server in ActivePost Standard 3.1 and earlier allows remote authenticated users to obtain sensitive information by uploading a file, which reveals the path in a success message.


main.php in Gallery 2.0 Alpha allows remote att

information | g2_subView | sensitive | attackers | parameter | changing | mainphp | reveals | message | Gallery | remote | allows | error | which | value | Alpha | gain | path |

main.php in Gallery 2.0 Alpha allows remote attackers to gain sensitive information by changing the value of g2_subView parameter, which reveals the path in an error message.


phpBB 2.0.13 and earlier allows remote attacker

phpBB |

phpBB 2.0.13 and earlier allows remote attackers to obtain sensitive information via a direct request to oracle.php, which reveals the path in a PHP error message.


index.php in myBloggie 2.1.1 allows remote atta

myBloggie | indexphp |

index.php in myBloggie 2.1.1 allows remote attackers to obtain sensitive information via an invalid post_id parameter, which reveals the path in an error message.


PwsPHP 1.2.2 allows remote attackers to obtain

PwsPHP |

PwsPHP 1.2.2 allows remote attackers to obtain sensitive information via a direct request to the admin directory, which reveals the path in an error message.


topic.php in DirectTopics 2.1 and 2.2 allows re

DirectTopics | information | attackers | sensitive | parameter | topicphp | reveals | invalid | message | remote | allows | obtain | error | topic | which | path | via |

topic.php in DirectTopics 2.1 and 2.2 allows remote attackers to obtain sensitive information via an invalid topic parameter, which reveals the path in an error message.


view.php in YaPiG 0.92b, 0.93u and 0.94u allows

information | parameter | sensitive | attackers | reveals | message | integer | viewphp | allows | remote | obtain | error | which | YaPiG | path | 092b | phid | 094u | 093u | via | not |

view.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to obtain sensitive information via a phid parameter that is not an integer, which reveals the path in an error message.


JBOSS 3.2.2 through 3.2.7 and 4.0.2 allows remo

JBOSS |

JBOSS 3.2.2 through 3.2.7 and 4.0.2 allows remote attackers to obtain sensitive information via a GET request (1) with a "%." (percent dot), which reveals the installation path or (2) with a % (percent) before a filename, which reveals the contents of the file.


YabbSE 1.5.5c allows remote attackers to obtain

ssi_examplesphp | information | attackers | sensitive | reveals | request | direct | remote | YabbSE | allows | obtain | which | 155c | path | via |

YabbSE 1.5.5c allows remote attackers to obtain sensitive information via a direct request to ssi_examples.php, which reveals the path.


Software vulnerabilities results 1 to 20 of 205     
Page: 12345...11