6 matches found
CVE-2005-4787
Turnkey Web Tools SunShop Shopping Cart allows remote attackers to obtain sensitive information via a phpinfo action to 1 index.php, 2 admin/index.php, and 3 admin/adminindex.php, which executes the PHP phpinfo function. NOTE: The vendor has disputed this issue, saying that "Having this in the co...
CVE-2002-2044
Cross-site scripting XSS vulnerability in xstatadmin.php in x-stat 2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via a parameter to the phpinfo action...
CVE-2014-5094
Status2k allows remote attackers to obtain configuration information via a phpinfo action in a request to status/index.php, which calls the phpinfo function...
Default configuration
Status2k allows remote attackers to obtain configuration information via a phpinfo action in a request to status/index.php, which calls the phpinfo function...
CVE-2014-5094
Status2k allows remote attackers to obtain configuration information via a phpinfo action in a request to status/index.php, which calls the phpinfo function...
Default configuration
importbuddy.php in the BackupBuddy plugin 2.2.25 for WordPress allows remote attackers to obtain configuration information via a step 0 phpinfo action, which calls the phpinfo function...