136 matches found
CVE-2008-6159
Content Management Made Easy (CMME) 1.19 is affected by an information disclosure vulnerability where a direct request to info.php invokes phpinfo, allowing remote attackers to obtain system information. The flaw is triggered by accessing the info.php entry point, and the underlying cause is the ...
CVE-2009-0453
Online Grades 3.2.4 allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function...
CVE-2009-0453
Online Grades 3.2.4 allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function...
Code injection
Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information via an invalid categup parameter to index.php, which calls the phpinfo function...
CVE-2008-5322
Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information via an invalid categup parameter to index.php, which calls the phpinfo function...
CVE-2008-4207
Attachmax Dolphin 2.1.0 and earlier does not properly protect info.php in the main folder, which allows remote attackers to obtain sensitive information via a direct request, which invokes the phpinfo function. NOTE: some of these details are obtained from third party information...
Information disclosure
Attachmax Dolphin 2.1.0 and earlier does not properly protect info.php in the main folder, which allows remote attackers to obtain sensitive information via a direct request, which invokes the phpinfo function. NOTE: some of these details are obtained from third party information...
CVE-2008-4115
TalkBack 2.3.6 allows remote attackers to obtain configuration information via a direct request to install/info.php, which calls the phpinfo function...
CVE-2008-4115
TalkBack 2.3.6 allows remote attackers to obtain configuration information via a direct request to install/info.php, which calls the phpinfo function...
Information disclosure
TalkBack 2.3.6 allows remote attackers to obtain configuration information via a direct request to install/info.php, which calls the phpinfo function...
Information disclosure
XRMS CRM 1.99.2 allows remote attackers to obtain configuration information via a direct request to tests/info.php, which calls the phpinfo function...
CVE-2008-3400
XRMS CRM 1.99.2 allows remote attackers to obtain configuration information via a direct request to tests/info.php, which calls the phpinfo function...
CVE-2008-3400
XRMS CRM 1.99.2 allows remote attackers to obtain configuration information via a direct request to tests/info.php, which calls the phpinfo function...
Information disclosure
BolinOS 4.6.1 allows remote attackers to obtain sensitive information via a direct request to system/actionspages/b/contentFiles/gBphpInfo.php, which calls the phpinfo function...
CVE-2008-1557
CVE-2008-1557 affects BolinOS 4.6.1. A remote attacker can obtain sensitive information by directly requesting system/actionspages/_b/contentFiles/gBphpInfo.php, which invokes the PHP phpinfo() function. This results in an information-disclosure vulnerability without requiring authentication. The...
Information disclosure
PEEL, possibly 3.x and earlier, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function...
CVE-2008-1506
CVE-2008-1506 affects PEEL (possibly 3.x and earlier). The vulnerability allows remote attackers to obtain configuration information by directly requesting phpinfo.php, which calls PHP’s phpinfo function. This is a straightforward information-disclosure issue (partial confidentiality impact) stem...
Information disclosure
minimal Gallery 0.8 allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function...
CVE-2008-0260
minimal Gallery 0.8 allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function...
CVE-2008-0260
CVE-2008-0260 affects minimal Gallery 0.8. The issue is an information-disclosure vulnerability where an attacker can remotely obtain configuration information by requesting php_info.php, which invokes phpinfo. The exposed data could include server configuration details and environment settings. ...