U.S. Dept Of Defense: Unauthenticated phpinfo()files could lead to ability file read at █████████ [HtUS]

Description: Many PHP installation tutorials instruct the user to create a PHP file that calls the PHP function 'phpinfo' for debugging purposes, and various PHP applications may also include such a file by default. By accessing it, a remote attacker can discover a large amount of information abo...

Flatnux 2009-03-27 - Arbitrary File Upload Information Disclosure

Flatnux 2009-03-27 - Arbitrary File Upload Information Disclosure Author: girex Homepage: girex.altervista.org Date: 17/04/2009 CMS: flatnux-2009-03-27 site: flatnux.altervista.org Bugs: Multiple remote vulnerabilities Flatnux suffers of multiple local file inclusions: output of my scanner Line: ...

Phorum 3.x - PHP Configuration Disclosure

source: https://www.securityfocus.com/bid/1985/info Phorum is a PHP based web forums package. Due to an error in the implementation of forum selection in administrative scripts, any user can view the any PHP script on the target host. This is due to user-supplied input being referenced as a...

Phorum 3.x - PHP Configuration Disclosure

Phorum 3.x - PHP Configuration Disclosure source: https://www.securityfocus.com/bid/1985/info Phorum is a PHP based web forums package. Due to an error in the implementation of forum selection in administrative scripts, any user can view the any PHP script on the target host. This is due to...