Total
167 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-1688 | 1 Wordpress | 1 Wordpress | 2024-02-28 | 5.0 MEDIUM | N/A |
Wordpress 1.5 and earlier allows remote attackers to obtain sensitive information via a direct request to files in (1) wp-content/themes/, (2) wp-includes/, or (3) wp-admin/, which reveal the path in an error message. | |||||
CVE-2005-1668 | 1 Yusasp | 1 Web Asset Manager | 2024-02-28 | 7.5 HIGH | N/A |
YusASP Web Asset Manager 1.0 allows remote attackers to gain privileges via a direct request to assetmanager.asp. | |||||
CVE-2005-1698 | 1 Postnuke | 1 Postnuke | 2024-02-28 | 5.0 MEDIUM | N/A |
PostNuke 0.750 and 0.760RC3 allows remote attackers to obtain sensitive information via a direct request to (1) theme.php or (2) Xanthia.php in the Xanthia module, (3) user.php, (4) thelang.php, (5) text.php, (6) html.php, (7) menu.php, (8) finclude.php, or (9) button.php in the pnblocks directory in the Blocks module, (10) config.php in the NS-Multisites (aka Multisites) module, or (11) xmlrpc.php, which reveals the path in an error message. | |||||
CVE-2005-1697 | 1 Postnuke | 1 Postnuke | 2024-02-28 | 5.0 MEDIUM | N/A |
The RSS module in PostNuke 0.750 and 0.760RC2 and RC3 allows remote attackers to obtain sensitive information via a direct request to simple_smarty.php, which reveals the path in an error message. | |||||
CVE-2004-2144 | 1 Baalsystems | 1 Baal Smart Forms | 2024-02-28 | 7.5 HIGH | N/A |
Baal Smart Forms before 3.2 allows remote attackers to bypass authentication and obtain system access via a direct request to regadmin.php. | |||||
CVE-2004-2257 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-02-28 | 5.0 MEDIUM | N/A |
phpMyFAQ 1.4.0 allows remote attackers to access the Image Manager to upload or delete images without authorization via a direct request. | |||||
CVE-2002-1798 | 1 Midicart | 3 Midicart Php, Midicart Php Maxi, Midicart Php Plus | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
MidiCart PHP, PHP Plus, and PHP Maxi allows remote attackers to (1) upload arbitrary php files via a direct request to admin/upload.php or (2) access sensitive information via a direct request to admin/credit_card_info.php. |