Vulnerabilities > Information Exposure
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-12-31 | CVE-2002-2346 | Information Exposure vulnerability in PHPbb phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses. | 5.0 |
2002-12-31 | CVE-2002-2342 | Information Exposure vulnerability in JOE Depasquale Bannermatic 1.0/2.0/3.0 Bannermatic 1, 2, and 3 stores the (1) ban.log, (2) ban.bak, (3) ban.dat and (4) banmat.pwd data files under the web document root with insufficient access control, which allows attackers to obtain sensitive information via a direct request for the files. | 5.0 |
2002-12-31 | CVE-2002-2317 | Information Exposure vulnerability in Symantec Velociraptor 1.0 Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service (memory consumption) via an unknown method. | 7.8 |
2002-12-31 | CVE-2002-2289 | Information Exposure vulnerability in Working Resources Inc. Badblue 1.7.1 soinfo.php in BadBlue 1.7.1 calls the phpinfo function, which allows remote attackers to gain sensitive information including ODBC passwords. | 5.0 |
2002-12-31 | CVE-2002-2288 | Information Exposure vulnerability in Mambo Site Server 4.0.11 Mambo Site Server 4.0.11 allows remote attackers to obtain the physical path of the server via an HTTP request to index.php with a parameter that does not exist, which causes the path to be leaked in an error message. | 5.0 |
2002-12-31 | CVE-2002-2276 | Information Exposure vulnerability in Ultimate PHP Board Ultimate PHP Board 1.0 Ultimate PHP Board (UPB) 1.0 allows remote attackers to view the physical path of the message board via a direct request to add.php, which leaks the path in an error message. | 5.0 |
2002-12-31 | CVE-2002-1718 | Information Exposure vulnerability in Microsoft Internet Information Services 5.1 Microsoft Internet Information Server (IIS) 5.1 may allow remote attackers to view the contents of a Frontpage Server Extension (FPSE) file, as claimed using an HTTP request for colegal.htm that contains .. | 5.0 |
2002-12-31 | CVE-2002-1717 | Information Exposure vulnerability in Microsoft Internet Information Services 5.1 Microsoft Internet Information Server (IIS) 5.1 allows remote attackers to view path information via a GET request to (1) /_vti_pvt/access.cnf, (2) /_vti_pvt/botinfs.cnf, (3) /_vti_pvt/bots.cnf, or (4) /_vti_pvt/linkinfo.cnf. | 5.0 |
2002-08-12 | CVE-2002-0812 | Information Exposure vulnerability in multiple products Information leak in Compaq WL310, and the Orinoco Residential Gateway access point it is based on, uses a system identification string as a default SNMP read/write community string, which allows remote attackers to obtain and modify sensitive configuration information by querying for the identification string. | 6.4 |
2002-08-12 | CVE-2002-0422 | Information Exposure vulnerability in Microsoft Internet Information Services 5.0 IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to determine the internal IP address of the system (which may be obscured by NAT) via (1) a PROPFIND HTTP request with a blank Host header, which leaks the address in an HREF property in a 207 Multi-Status response, or (2) via the WRITE or MKCOL method, which leaks the IP in the Location server header. | 2.6 |