136 matches found
CVE-2006-1105
Pixelpost 1.5 beta 1 and earlier allows remote attackers to obtain configuration information via a direct request to includes/phpinfo.php, which calls the phpinfo function. NOTE: the vendor has disputed some issues from the original disclosure, but due to the vagueness of the dispute, it is not...
CVE-2005-4875
TYPO3 3.8.0 and earlier allows remote attackers to obtain sensitive information via a direct request to misc/phpcheck/, which invokes the phpinfo function and prints values of unspecified environment variables...
security flaw
Cross-site scripting XSS vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment."...
CVE-2002-1725
phpimageview.php in PHPImageView 1.0 allows remote attackers to obtain sensitive information via the pw=show option, which invokes the phpinfo function...
CVE-2003-1181
Advanced Poll 2.0.2 allows remote attackers to obtain sensitive information via an HTTP request to info.php, which invokes the phpinfo function...
CVE-2004-1590
Clientexec allows remote attackers to gain sensitive information via an HTTP request to phpinfo.php, which calls the phpinfo function...
CVE-2004-1590
Clientexec allows remote attackers to gain sensitive information via an HTTP request to phpinfo.php, which calls the phpinfo function...
phpinfo() Function Information Disclosure (deprecated)
Binary data 1592.prm...
PhpGedView 2.61 - PHPInfo Information Disclosure
source: https://www.securityfocus.com/bid/9371/info PhpGedView allows remote users to access information displayed by the phpinfo function. This may disclose sensitive information about the environment the software runs in. This issue is reported to affect PhpGedView 2.61. Other versions are also...
CVE-2003-1403
foo.php3 in DotBr 0.1 allows remote attackers to obtain sensitive information via a direct request, which calls the phpinfo function...
CuteNews 1.3 - Debug Query Information Disclosure
source: https://www.securityfocus.com/bid/9130/info An information disclosure weakness has been reported in CuteNews 1.3, that may expose sensitive server configuration data. The problem occurs due to CuteNews accepting a debug query that will result in the exposure of information returned from a...
CuteNews 1.3 - Debug Query Information Disclosure
CuteNews 1.3 - Debug Query Information Disclosure source: https://www.securityfocus.com/bid/9130/info An information disclosure weakness has been reported in CuteNews 1.3, that may expose sensitive server configuration data. The problem occurs due to CuteNews accepting a debug query that will...
CVE-2003-1181
Advanced Poll 2.0.2 allows remote attackers to obtain sensitive information via an HTTP request to info.php, which invokes the phpinfo function...
CVE-2002-1725
phpimageview.php in PHPImageView 1.0 allows remote attackers to obtain sensitive information via the pw=show option, which invokes the phpinfo function...
PHP 4 - 'PHPInfo()' Cross-Site Scripting
source: https://www.securityfocus.com/bid/7805/info Scripts that include the PHP phpinfo debugging function may be prone to cross-site scripting attacks. This could permit remote attackers to create a malicious link to a vulnerable PHP script that includes hostile client-side script code or HTML...
PHP 4 - PHPInfo() Cross-Site Scripting
PHP 4 - PHPInfo Cross-Site Scripting source: https://www.securityfocus.com/bid/7805/info Scripts that include the PHP phpinfo debugging function may be prone to cross-site scripting attacks. This could permit remote attackers to create a malicious link to a vulnerable PHP script that includes...