Export limit exceeded: 14776 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 366811 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 10826 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (10826 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2009-4812 1 Wolfram 1 Webmathematica 2025-04-11 N/A
Wolfram Research webMathematica allows remote attackers to obtain sensitive information via a direct request to the MSP script, which reveals the installation path in an error message.
CVE-2010-0214 1 Polyvision 2 Roomwizard, Roomwizard Firmware 2025-04-11 N/A
The administrative interface on the PolyVision RoomWizard with firmware 3.2.3 places the Sync Connector Active Directory (AD) credentials in a web form that is accessed over HTTP on port 80, which allows remote attackers to obtain sensitive information by reading the HTML source code corresponding to the /admin/sign/DeviceSynch URI.
CVE-2013-6953 1 Dotnetblogengine 1 Blogengine.net 2025-04-11 N/A
BlogEngine.NET 2.8.0.0 and earlier allows remote attackers to read usernames and password hashes via a request for the sioc.axd file.
CVE-2013-6968 1 Cisco 1 Webex Training Center 2025-04-11 N/A
Cisco WebEx Training Center provides different error messages for registration attempts depending on whether the e-mail address exists, which allows remote attackers to enumerate attendees via a series of requests, aka Bug ID CSCul36003.
CVE-2013-4998 1 Phpmyadmin 1 Phpmyadmin 2025-04-11 N/A
phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to pmd_common.php and other files.
CVE-2013-6970 1 Cisco 1 Webex Meeting Center 2025-04-11 N/A
Cisco WebEx Meeting Center allows remote attackers to obtain sensitive information by reading verbose error messages within server responses, aka Bug ID CSCul35928.
CVE-2013-6972 1 Cisco 1 Webex Training Center 2025-04-11 N/A
Cisco WebEx Training Center allows remote attackers to discover session numbers, and bypass host approval for audio-conference attendance, by reading HTML source code, aka Bug ID CSCul57126.
CVE-2013-6973 1 Cisco 1 Webex Training Center 2025-04-11 N/A
Cisco WebEx Training Center allows remote attackers to discover registration IDs via a crafted URL, aka Bug ID CSCul57121.
CVE-2011-3716 1 Claroline 1 Claroline 2025-04-11 N/A
Claroline 1.9.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by work/connector/linker.cnr.php and certain other files.
CVE-2011-3743 1 Hesk 1 Hesk 2025-04-11 N/A
Hesk 2.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by inc/footer.inc.php and certain other files.
CVE-2011-3742 1 Helpcenterlive 1 Helpcenter Live 2025-04-11 N/A
HelpCenter Live 2.1.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/HelpCenter/index.php and certain other files.
CVE-2011-3741 1 Ganglia 1 Ganglia 2025-04-11 N/A
Ganglia 3.1.7 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by host_view.php and certain other files.
CVE-2011-3740 1 Frontaccounting 1 Frontaccounting 2025-04-11 N/A
FrontAccounting 2.3.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by reporting/includes/fpdi/fpdi2tcpdf_bridge.php and certain other files.
CVE-2011-3739 1 Openfreeway 1 Freeway 2025-04-11 N/A
Freeway 1.5 Alpha allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/Freeway/boxes/last_product.php and certain other files.
CVE-2011-3738 1 Fengoffice 1 Feng Office 2025-04-11 N/A
Feng Office 1.7.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/upgrade/templates/layout.php and certain other files.
CVE-2011-3737 1 Eyeos 1 Eyeos 2025-04-11 N/A
eyeOS 2.2.0.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by apps/rmail/webmail/program/lib/Net/SMTP.php and certain other files.
CVE-2011-3736 1 Exoscripts 1 Exophpdesk 2025-04-11 N/A
ExoPHPDesk 1.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by upgrades/upgrade9.php and certain other files.
CVE-2011-3735 1 Escortwebsitedesign 1 Escort-agency-cms 2025-04-11 N/A
Escort Agency CMS (aka escort-agency-cms) allows remote attackers to obtain sensitive information via crafted array parameters in a request to a .php file, which reveals the installation path in an error message, as demonstrated by makethumb.php and certain other files.
CVE-2011-3734 1 Energine 1 Energine 2025-04-11 N/A
Energine 2.3.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by core/framework/SimpleBuilder.class.php and certain other files.
CVE-2011-3706 1 Atutor 1 Atutor 2025-04-11 N/A
ATutor 2.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by users/tool_settings.inc.php and certain other files.