136 matches found
Information disclosure
The phpinfo function in SiteEngine 5.x allows remote attackers to obtain system information by setting the action parameter to phpinfo in misc.php...
CVE-2008-7268
The phpinfo function in SiteEngine 5.x allows remote attackers to obtain system information by setting the action parameter to phpinfo in misc.php...
CVE-2009-4961
Lanai Core 0.6 allows remote attackers to obtain configuration information via a direct request to info.php, which calls the phpinfo function...
Information disclosure
Lanai Core 0.6 allows remote attackers to obtain configuration information via a direct request to info.php, which calls the phpinfo function...
CVE-2009-4961
CVE-2009-4961 affects Lanai Core 0.6. Affected component: info.php that calls phpinfo, enabling remote attackers to disclose configuration information. Impact is information disclosure (no integrity/availability impact stated). No remediation details are provided in the trusted documents; upgradi...
CVE-2009-4961
Lanai Core 0.6 allows remote attackers to obtain configuration information via a direct request to info.php, which calls the phpinfo function...
Information disclosure
HUBScript 1.0 allows remote attackers to obtain configuration information via a direct request to manage/phpinfo.php, which calls the phpinfo function...
CVE-2009-3600
CVE-2009-3600 affects HUBScript 1.0. The vulnerability is an information-disclosure in the web management path: a direct request to manage/phpinfo.php causes phpinfo() to reveal configuration details. The root cause is exposing PHP configuration via phpinfo() without proper access controls. Impac...
CVE-2009-3600
HUBScript 1.0 allows remote attackers to obtain configuration information via a direct request to manage/phpinfo.php, which calls the phpinfo function...
CVE-2008-6999
phpAuction 3.2, and possibly 3.3.0 GPL Basic edition, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function...
CVE-2008-6999
CVE-2008-6999 – Details : Affects phpAuction 3.2, and possibly 3.3.0 GPL Basic edition. The vulnerability arises when an exposed script (phpinfo.php) directly calls phpinfo(), enabling remote attackers to obtain configuration information. Vulnerability type : information disclosure via an exposed...
Information disclosure
FlashDen Guestbook allows remote attackers to obtain configuration information via a direct request to amfphp/phpinfo.php, which calls the phpinfo function...
CVE-2009-2648
FlashDen Guestbook allows remote attackers to obtain configuration information via a direct request to amfphp/phpinfo.php, which calls the phpinfo function...
CVE-2009-2648
FlashDen Guestbook allows remote attackers to obtain configuration information via a direct request to amfphp/phpinfo.php, which calls the phpinfo function...
CVE-2009-2443
CVE-2009-2443 affects Siteframe 3.2.3 and other 3.2.x versions. The vulnerability exposes configuration information when an attacker sends a direct request to phpinfo.php, which calls PHP's phpinfo() function. This results in information disclosure that can aid in further compromise. The availabl...
Information disclosure
TorrentTrader Classic 1.09 allows remote attackers to 1 obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function; and allows remote attackers to 2 obtain other potentially sensitive information via a direct request to check.php...
CVE-2009-2160
TorrentTrader Classic 1.09 allows remote attackers to 1 obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function; and allows remote attackers to 2 obtain other potentially sensitive information via a direct request to check.php...
Design/Logic Flaw
YourPlace 1.0.2 and earlier allows remote attackers to obtain sensitive system information via a direct request via a direct request to user/uploads/phpinfo.php, which calls the phpinfo function...
CVE-2008-6771
YourPlace 1.0.2 and earlier allows remote attackers to obtain sensitive system information via a direct request via a direct request to user/uploads/phpinfo.php, which calls the phpinfo function...
CVE-2008-6159
Content Management Made Easy CMME 1.19 allows remote attackers to obtain system information via a direct request to info.php, which invokes the phpinfo function...