34 matches found
CVE-2026-42878
FacturaScripts prior to v2026 is affected by an unauthenticated information-disclosure vulnerability in the Installer controller: sending a GET with ?phpinfo=TRUE triggers phpinfo() on a fresh deployment, exposing PHP config, environment vars (including possible DB credentials and API keys), file...
CVE-2026-42878 FacturaScripts: Unauthenticated phpinfo() Disclosure via Installer Endpoint in FacturaScripts
FacturaScripts is an open source accounting and invoicing software. Prior to v2026, an unauthenticated information disclosure vulnerability in the Installer controller allows any remote attacker to trigger phpinfo on a fresh FacturaScripts deployment by requesting /?phpinfo=TRUE, exposing full PH...
CVE-2023-39677
MyPrestaModules Prestashop Module v6.2.9 and UpdateProducts Prestashop Module v3.6.9 were discovered to contain a PHPInfo information disclosure vulnerability via send.php...
PT-2023-27068 · Prestashop · Updateproducts Prestashop Module +1
Name of the Vulnerable Software and Affected Versions: MyPrestaModules Prestashop Module version 6.2.9 UpdateProducts Prestashop Module version 3.6.9 Description: A PHPInfo information disclosure issue was discovered in the send.php file, allowing potential access to sensitive information...
U.S. Department of State: Impact of Using the PHP Function "phpinfo()" on System Security - PHP info page disclosure
Sensitive information such as the exact PHP version, operating system and its version, internal IP addresses, server environment variables, and loaded PHP extensions and their configurations could be revealed by using the PHP function "phpinfo". This could potentially be exploited by attackers to...
All Vulnerabilities for gautamthapar.me Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| gautamthapar.me ---|--- Open Bug Bounty...
All Vulnerabilities for shenasname.ir Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| shenasname.ir ---|--- Open Bug Bounty...
All Vulnerabilities for serialupdates.me Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| serialupdates.me ---|--- Open Bug Bount...
All Vulnerabilities for ryancameron.me Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| ryancameron.me ---|--- Open Bug Bounty...
All Vulnerabilities for etaonline.me Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| etaonline.me ---|--- Open Bug Bounty...
primecursos.com.br Improper Access Control vulnerability OBB-1801419
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| primecursos.com.br ---|--- Open Bug...
All Vulnerabilities for cryptoo.me Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| cryptoo.me ---|--- Open Bug Bounty...
All Vulnerabilities for aminstitute.com Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| aminstitute.com ---|--- Open Bug Bounty...
All Vulnerabilities for amitbhalani.me Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| amitbhalani.me ---|--- Open Bug Bounty...
yourplace <= 1.0.2 - Multiple Vulnerabilities + rce exploit
No description provided by source. START 0x01 Informations: Script : YourPlace 0.5 beta 1 Download : http://www.hotscripts.com/jump.php?listingid=80545&jumptype=1 Vulnerability : DB Disclosure / Arbitrary Data Saving RCE EXPLOIT / Arbitrary File Upload / PHPInfo Disclosure / User Change Account...
WebTester 5.x - Multiple Vulnerabilities
========================================================================================== WebTester 5.x Multiple Vulnerabilities ==========================================================================================...
osCommerce 2.2-MS2 phpinfo() Disclosure
Exploit Title: osCommerce 2.2-MS2 phpinfo disclosure vulnerability Date: 21 June 2010 Author: Neo-Gabriel Download: http://www.oscommerce.com/solutions/downloads Version: 2.2-MS2 Tested on: Windows 95 . .. . . . | | | /|| / \ / \ | | | | | | / / | | / | | |/ \ \ / \ \ / /\ | | | | \ \ | | \ \ |/...
Photokorn 1.542 RFI / XSS / phpinfo() Disclosure
======================================================================================== | Title : photokorn Multi Vulnerability | Author : indoushka | email : [email protected] | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -00213771818860 | Total alerts found : 3 | High : 2 | Medi...
Flashden Guestbook phpinfo Disclosure
Cyber-Warrior & Security | Bug Researchers Group Application Name : Flashden Guestbook 29905 Vulnerable Type : phpinfo Disclosure Vulnerability Infection : PHP Info Get... author : Septemb0x WebSite : http://flashden.net/item/guestbook/29905 Demo :...
CVE-2009-2443
Siteframe 3.2.3, and other 3.2.x versions, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function...