PT-2023-31151 · Microsoft · Microsoft-Graph-Core

Name of the Vulnerable Software and Affected Versions: microsoft-graph-core versions prior to 2.0.2 Description: The Microsoft Graph Beta PHP SDK contains test code that enables the use of the phpInfo function from any application that can access and execute the file at...

PT-2023-31150 · Microsoft · Msgraph-Sdk-Php

Name of the Vulnerable Software and Affected Versions: msgraph-sdk-php versions prior to 1.109.1 msgraph-sdk-php versions prior to 2.0.0-RC5 Description: The Microsoft Graph PHP SDK contains a vulnerability that exposes system information through the phpinfo function. This issue affects the...

CVE-2023-49103

An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment phpinfo. This information...

ownCloud Security Breach

ownCloud is a suite of personal cloud storage solutions from the US-based company ownCloud. A security vulnerability exists in ownCloud graphapi versions prior to 0.2.1, 0.3.1 and 0.3.1. The vulnerability stems from the fact that the graphapi application relies on the third-party GetPhpInfo.php...

GHSA-CVH5-P6R6-G2QC Exposed phpinfo() leadked via documentation files

Impact The phpinfo can be exposed if the /vendor is not protected from public access. This is a rare situation today since the vendor directory is often located outside the web directory or protected via server rule .htaccess, etc. Patches Only the v6, v7 and v8 will be patched respectively in...

CVE-2021-37704

PhpFastCache is a high-performance backend cache system packagist package phpfastcache/phpfastcache. In versions before 6.1.5, 7.1.2, and 8.0.7 the phpinfo can be exposed if the /vendor is not protected from public access. This is a rare situation today since the vendor directory is often located...

Design/Logic Flaw

PhpFastCache is a high-performance backend cache system packagist package phpfastcache/phpfastcache. In versions before 6.1.5, 7.1.2, and 8.0.7 the phpinfo can be exposed if the /vendor is not protected from public access. This is a rare situation today since the vendor directory is often located...

CVE-2021-37704

PhpFastCache is a high-performance backend cache system packagist package phpfastcache/phpfastcache. In versions before 6.1.5, 7.1.2, and 8.0.7 the phpinfo can be exposed if the /vendor is not protected from public access. This is a rare situation today since the vendor directory is often located...

CVE-2021-37704 Exposed phpinfo() in PhpFastCache

PhpFastCache is a high-performance backend cache system packagist package phpfastcache/phpfastcache. In versions before 6.1.5, 7.1.2, and 8.0.7 the phpinfo can be exposed if the /vendor is not protected from public access. This is a rare situation today since the vendor directory is often located...

PT-2021-21823 · Unknown · Phpfastcache

Name of the Vulnerable Software and Affected Versions: PhpFastCache versions prior to 6.1.5 PhpFastCache versions prior to 7.1.2 PhpFastCache versions prior to 8.0.7 Description: The issue concerns the exposure of phpinfo when the /vendor directory is not protected from public access. This...

CVE-2018-20608

imcat 4.4 allows remote attackers to read phpinfo output via the root/tools/adbug/binfo.php?phpinfo1 URI...

CVE-2018-20608

imcat 4.4 allows remote attackers to read phpinfo output via the root/tools/adbug/binfo.php?phpinfo1 URI...

DEBIAN-CVE-2016-9848

An issue was discovered in phpMyAdmin. phpinfo phpinfo.php shows PHP information including values of HttpOnly cookies. All 4.6.x versions prior to 4.6.5, 4.4.x versions prior to 4.4.15.9, and 4.0.x versions prior to 4.0.10.18 are affected...

UBUNTU-CVE-2016-9848

An issue was discovered in phpMyAdmin. phpinfo phpinfo.php shows PHP information including values of HttpOnly cookies. All 4.6.x versions prior to 4.6.5, 4.4.x versions prior to 4.4.15.9, and 4.0.x versions prior to 4.0.10.18 are affected...

PT-2005-5450 · Turnkey Web Tools · Sunshop Shopping Cart

Name of the Vulnerable Software and Affected Versions: Turnkey Web Tools SunShop Shopping Cart affected versions not specified Description: The issue allows remote attackers to obtain sensitive information via a phpinfo action to specific API endpoints: "index.php", "admin/index.php", and...

HyperBook Guestbook

Product : HyperBook Guestbook Version : 1.12 WebSite : http://diamond-back.com Problem : phpinfo Description: ------------ phpinfo.php =========== ?php phpinfo; ? =========== Exploit: -------- http://somehost/book/phpinfo.php...

E-theni (PHP)

Informations : °°°°°°°°°°°°°° Version : ? Website : http://www.theni.freesurf.fr Problems : - Include file - phpinfo PHP Code/Location : °°°°°°°°°°°°°°°°°°° /admint/include/afflistelangue.php : ----------------------------------------- require $repinclude."paralangue.php";...