CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

phpMyAdmin before 3.4.0-beta1 allows remote attackers to bypass authentication and obtain sensitive information via a direct request to phpinfo.php, which calls the phpinfo function...

9.3CVSS6.3AI score0.00694EPSS

Exploits0References7

Openbugbounty•added 2018/06/26 2:11 a.m.•8 views

saofrancisco.alphaeditora.com.br Improper Access Control vulnerability

Open Bug Bounty ID: OBB-636697 Description| Value ---|--- Affected Website:| saofrancisco.alphaeditora.com.br Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| IAC Improper Access Control / CWE-284 CVSSv3 Score:...

0.1AI score

Exploits0

OSV•added 2014/07/06 12:0 a.m.•0 views

UBUNTU-CVE-2014-4721

The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHPAUTHPW, PHPAUTHTYPE, PHPAUTHUSER, and PHPSELF variables, which might allow context-dependent attackers to obtain sensitive information from process...

2.6CVSS7.2AI score0.09887EPSS

Exploits1References4

Cvelist•added 2007/10/29 7:0 p.m.•15 views

CVE-2002-2349

phpinfo.php in phpBBmod 1.3.3 executes the phpinfo function, which allows remote attackers to obtain sensitive environment information...

6.4AI score0.01086EPSS

Exploits1References3

RedHat Linux•added 2006/07/27 8:5 p.m.•2 views

security flaw

Cross-site scripting XSS vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment."...

4.3CVSS7.5AI score0.63293EPSS

Exploits0References4

RedHat Linux•added 2006/04/25 2:33 p.m.•3 views

security flaw

Cross-site scripting XSS vulnerability in phpinfo info.c in PHP 5.1.2 and 4.4.2 allows remote attackers to inject arbitrary web script or HTML via long array variables, including 1 a large number of dimensions or 2 long values, which prevents HTML tags from being removed...

4.3CVSS7.5AI score0.18154EPSS

Exploits1References4

Cvelist•added 2006/04/21 10:0 a.m.•13 views

CVE-2005-4787

Turnkey Web Tools SunShop Shopping Cart allows remote attackers to obtain sensitive information via a phpinfo action to 1 index.php, 2 admin/index.php, and 3 admin/adminindex.php, which executes the PHP phpinfo function. NOTE: The vendor has disputed this issue, saying that "Having this in the co...

6.3AI score0.00585EPSS

Exploits1References3

securityvulns•added 2003/03/24 12:0 a.m.•27 views

HPE - News Portal Engine

Product : HPE - News Portal Engine Version : 4.0 beta WebSite : http://news.is.free.fr Problem : phpinfo Description: ------------ phpinfo.php =========== ... HPEbeginPage"PHPinfo"; phpinfo; HPEendPage; ... =========== Exploit: -------- http://somehost/HPEdir/HPE/admin/pages/phpinfo.php...

0.8AI score

Exploits0

securityvulns•added 2003/03/22 12:0 a.m.•25 views

Advanced Poll

Product : Advanced Poll Version : 2.02 WebSite : http://www.proxy2.de Problem : phpinfo Description: ------------ /polldir/db/misc/: info.php =========== ?php phpinfo; ? =========== /polldir/textfile/misc/: info.php =========== ?php phpinfo; ? =========== Exploits: --------...

0.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by