Export limit exceeded: 10828 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10828 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-2146 | 1 Vmware | 5 Esx, Esxi, Fusion and 2 more | 2025-04-11 | N/A |
| mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to determine the existence of host OS files and directories via unspecified vectors. | ||||
| CVE-2011-3777 | 1 Phpfreechat | 1 Phpfreechat | 2025-04-11 | N/A |
| phpFreeChat 1.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/zilveer/style.css.php and certain other files. | ||||
| CVE-2011-2152 | 1 Smartertools | 1 Smarterstats | 2025-04-11 | N/A |
| The SmarterTools SmarterStats 6.0 web server generates web pages containing external links in response to GET requests with query strings for (1) Client/frmViewReports.aspx or (2) UserControls/Popups/frmHelp.aspx, which makes it easier for remote attackers to obtain sensitive information by reading (a) web-server access logs or (b) web-server Referer logs, related to a "cross-domain Referer leakage" issue. | ||||
| CVE-2011-2153 | 1 Smartertools | 1 Smarterstats | 2025-04-11 | N/A |
| Login.aspx in the SmarterTools SmarterStats 6.0 web server supports URLs containing txtUser and txtPass parameters in the query string, which makes it easier for context-dependent attackers to discover credentials by reading (1) web-server access logs, (2) web-server Referer logs, or (3) the browser history, related to a "cross-domain Referer leakage" issue. | ||||
| CVE-2011-3776 | 1 Musawir Ali | 1 Phpformgenerator | 2025-04-11 | N/A |
| phpFormGenerator 2.09 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by forms/process.php. | ||||
| CVE-2011-3775 | 1 Litoweb | 1 Phpfilenavigator | 2025-04-11 | N/A |
| PHPfileNavigator 2.3.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by xestion/varios/logs.inc.php and certain other files. | ||||
| CVE-2011-3774 | 1 Bishop Bettini | 1 Phpesp | 2025-04-11 | N/A |
| php Easy Survey Package (phpESP) 2.1.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/landing.php and certain other files. | ||||
| CVE-2011-3773 | 1 Phpdevshell | 1 Phpdevshell | 2025-04-11 | N/A |
| PHPDevShell 3.0.0-Beta-4b allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by gzip.php. | ||||
| CVE-2011-3772 | 1 Php-collab | 1 Phpcollab | 2025-04-11 | N/A |
| phpCollab 2.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by topics/noti_newtopic.php and certain other files. | ||||
| CVE-2011-3771 | 1 Gnu | 1 Phpbook | 2025-04-11 | N/A |
| phpBook 2.1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by doc/update_smilies_1.50-1.60.php and certain other files. | ||||
| CVE-2011-3770 | 1 Phpalbum | 1 Phpalbum | 2025-04-11 | N/A |
| phpAlbum 0.4.1.14 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/Flowing_Dark/parameters.tpl.php and certain other files. | ||||
| CVE-2011-3769 | 1 Blondish | 1 Phpads | 2025-04-11 | N/A |
| PHPads 2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by ads.inc.php. | ||||
| CVE-2011-3768 | 1 Phorum | 1 Phorum | 2025-04-11 | N/A |
| Phorum 5.2.15a allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by css.php and certain other files. | ||||
| CVE-2011-3767 | 1 Oscommerce | 1 Oscommerce | 2025-04-11 | N/A |
| osCommerce 3.0a5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by redirect.php. | ||||
| CVE-2011-3766 | 1 Orangehrm | 1 Orangehrm | 2025-04-11 | N/A |
| OrangeHRM 2.6.0.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by themes/orange/menu/Menu.php and certain other files. | ||||
| CVE-2011-3765 | 1 Open-realty | 1 Open-realty | 2025-04-11 | N/A |
| Open-Realty 2.5.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by install/versions/upgrade_115.inc.php and certain other files. | ||||
| CVE-2011-3764 | 1 Opendocman | 1 Opendocman | 2025-04-11 | N/A |
| OpenDocMan 1.2.6-svn-2011-01-21 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by User_Perms_class.php and certain other files. | ||||
| CVE-2011-3763 | 1 Opencart | 1 Opencart | 2025-04-11 | N/A |
| OpenCart 1.4.9.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/startup.php and certain other files. | ||||
| CVE-2011-3762 | 1 Open-blog | 1 Openblog | 2025-04-11 | N/A |
| OpenBlog 1.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/scaffolding/views/view.php and certain other files. | ||||
| CVE-2011-3761 | 1 Dietrich Ayala | 1 Nusoap | 2025-04-11 | N/A |
| NuSOAP 0.9.5 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by nuSOAP/classes/class.wsdl.php and certain other files. | ||||