260171
|
- |
|
mahara
|
mahara
|
The get_dataroot_image_path function in lib/file.php in Mahara before 1.4.1 does not properly validate uploaded image files, which allows remote attackers to cause a denial of service (memory consump…
|
CWE-20
Improper Input Validation
|
CVE-2011-2772
|
2012-03-12 13:00 |
2011-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260172
|
- |
|
conky
|
conky
|
The getSkillname function in the eve module in Conky 1.8.1 and earlier allows local users to overwrite arbitrary files via a symlink attack on /tmp/.cesf.
|
CWE-59
Link Following
|
CVE-2011-3616
|
2012-03-12 13:00 |
2011-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260173
|
- |
|
elgg
|
elgg
|
Elgg 1.7.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by vendors/simpletest/…
|
CWE-200
Information Exposure
|
CVE-2011-3733
|
2012-03-12 13:00 |
2011-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260174
|
- |
|
energine
|
energine
|
Energine 2.3.8 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by core/framework/…
|
CWE-200
Information Exposure
|
CVE-2011-3734
|
2012-03-12 13:00 |
2011-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260175
|
- |
|
escortwebsitedesign
|
escort-agency-cms
|
Escort Agency CMS (aka escort-agency-cms) allows remote attackers to obtain sensitive information via crafted array parameters in a request to a .php file, which reveals the installation path in an e…
|
CWE-200
Information Exposure
|
CVE-2011-3735
|
2012-03-12 13:00 |
2011-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260176
|
- |
|
exoscripts
|
exophpdesk
|
ExoPHPDesk 1.2.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by upgrades/upgr…
|
CWE-200
Information Exposure
|
CVE-2011-3736
|
2012-03-12 13:00 |
2011-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260177
|
- |
|
eyeos
|
eyeos
|
eyeOS 2.2.0.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by apps/rmail/webma…
|
CWE-200
Information Exposure
|
CVE-2011-3737
|
2012-03-12 13:00 |
2011-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260178
|
- |
|
fengoffice
|
feng_office
|
Feng Office 1.7.2 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by public/upgra…
|
CWE-200
Information Exposure
|
CVE-2011-3738
|
2012-03-12 13:00 |
2011-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260179
|
- |
|
openfreeway
|
freeway
|
Freeway 1.5 Alpha allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/Fr…
|
CWE-200
Information Exposure
|
CVE-2011-3739
|
2012-03-12 13:00 |
2011-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
260180
|
- |
|
frontaccounting
|
frontaccounting
|
FrontAccounting 2.3.1 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by reportin…
|
CWE-200
Information Exposure
|
CVE-2011-3740
|
2012-03-12 13:00 |
2011-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|