764 matches found
Information disclosure
info.php in Logaritmo Aware CallManager 2012 allows remote attackers to obtain sensitive information via a direct request, which calls the phpinfo function...
CVE-2020-26150
CVE-2020-26150 affects Logaritmo Aware CallManager 2012. The issue originates in info.php, where a direct request invoking phpinfo discloses sensitive information to remote attackers. The vulnerability is an information-disclosure flaw; exploitation details and concrete fixes are not provided in ...
Vxscan
This is a Python-based comprehensive scanning tool called Vxscan, which is used for sensitive file detection, WAF/CDN identification, port scanning, fingerprint/service identification, operating system identification, weak password detection, POC scanning, SQL injection, and other functions. The...
8x8: PHPinfo page on http://█████.callstats.io
PHPInfo file was exposed on legacy system. phpinfo was available at callstats.io subdomain. It disclosing information on a server and PHP version information...
U.S. Dept Of Defense: Information Disclosure(PHPINFO/Credentials) on DoD Asset
Summary: A DoD leaks credentials on a phpinfo page. Description: https://███ publicly displays a phpinfo page that leaks system information and credentials. Impact The impact is medium not only due to information leakage of numerous different details such as system information but also the leakag...
U.S. Dept Of Defense: phpinfo() disclosure info
hi security team i found subdoamins avalibale file phpinfo PoC:- https://█████████/phpinfo.php Impact An attacker can obtain information such as: •Exact PHP version. •Exact OS and its version. •Details of the PHP configuration. •Internal IP addresses. •Server environment variables. •Loaded PHP...
Razer: PHPInfo Page on www.razer.ru
The tester discovered a a PHP page disclosing information on a server out of scope of the bounty program. This was a low impact information disclosure of PHP version information. We appreciate the tester bringing this to our attention...
Zurmo 3.2.6 Code Evaluation
Code Evaluation Vulnerability in Zurmo 3.2.6 Information -------------------- Advisory by Netsparker Name: Code Evaluation Vulnerability in Zurmo Affected Software: Zurmo Affected Versions: 3.2.6 Homepage: http://zurmo.org Vulnerability: Code Evaluation Severity: Critical Status: Not Fixed...
Mail.ru: пхпинфо
Test script with phpinfo output was available in russianaicup.ru...
Information Disclosure
php is vulnerable to information disclosure. The vulnerability exists as the phpinfo implementation in ext/standard/info.c does not ensure use of the string data type for the PHPAUTHPW, PHPAUTHTYPE, PHPAUTHUSER, and PHPSELF...
VK.com: Information Disclosure (phpinfo())
Out-of-scope...
Mail.ru: phpinfo
phpinfo was available at terrhq.ru subdomain...
Mail.ru: Phpinfo
phpinfo was available at terrhq.ru subdomain...
Code injection
imcat 4.4 allows remote attackers to read phpinfo output via the root/tools/adbug/binfo.php?phpinfo1 URI...
CVE-2018-20608
imcat 4.4 allows remote attackers to read phpinfo output via the root/tools/adbug/binfo.php?phpinfo1 URI...
CVE-2018-20608
imcat 4.4 allows remote attackers to read phpinfo output via the root/tools/adbug/binfo.php?phpinfo1 URI...
CVE-2018-20608
imcat 4.4 allows remote attackers to read phpinfo output via the root/tools/adbug/binfo.php?phpinfo1 URI...
CVE-2018-20608
Imcat 4.4 has an information-disclosure vulnerability: remote attackers can read phpinfo output via the path root/tools/adbug/binfo.php?phpinfo1, exposing server configuration details. Root cause is an insecure exposure of phpinfo in that URI. Impact is information leakage (CVE-2018-20608). Remed...
Kordil EDMS 2.2.60rc3 - Arbitrary File Upload
Kordil EDMS 2.2.60rc3 - Arbitrary File Upload Exploit Title: Kordil EDMS 2.2.60rc3 - Arbitrary File Upload Dork: N/A Date: 2018-11-13 Exploit Author: Ihsan Sencan Vendor Homepage: http://www.kordil.net/ Software Link:...
EdTv 2 - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: EdTv 2 - 'id' SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://edtv.edsup.org/ Software Link: https://ayera.dl.sourceforge.net/project/edtv/beta/edtv2go.zip Version: 2 Category: Webapps Tested on:...