Information disclosure

The phpinfo function in SiteEngine 5.x allows remote attackers to obtain system information by setting the action parameter to phpinfo in misc.php...

CVE-2008-7268

SiteEngine 5.x is affected by CVE-2008-7268 via a phpinfo information-disclosure in misc.php when action=php_info is supplied, allowing remote attackers to obtain system information. The connected documents reiterate the description; no remediation patch/version is provided in the supplied source...

CVE-2008-7268

The phpinfo function in SiteEngine 5.x allows remote attackers to obtain system information by setting the action parameter to phpinfo in misc.php...

ecshop v2. 7 2 demo/index. php file getshell vulnerabilities-vulnerability warning-the black bar safety net

//------------------------------------------------------------- Release date: 2010-11. 2 6 Publishing author: xhming Affected version: ecshop v2. 7 2 Official address: Vulnerability type: code execution Vulnerability description: Vulnerability analysis: demo/index.php if ! empty$POST'lang'...

1 6 2 1 0 0 Site Navigation 1. 9 local file inclusion vulnerability-vulnerability warning-the black bar safety net

Breaking app breaking vulnerability, but in order to encourage everyone to learn, or sent to. Reject malicious destruction! Program official: http://download.162100.com admin directory run.php the file part of the code is as follows: I find the Upload Directory editor/index.html Use the upload...

PHP Version Detection

Nessus was able to determine the version of PHP available on the remote web server. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid48243; scriptversion"1.32"; scriptsetattributeattribute:"pluginmodificationdate", value:"2026/01/22"; scriptxrefname:"IAVT",...

CVE-2009-4961

Lanai Core 0.6 allows remote attackers to obtain configuration information via a direct request to info.php, which calls the phpinfo function...

Information disclosure

Lanai Core 0.6 allows remote attackers to obtain configuration information via a direct request to info.php, which calls the phpinfo function...

CVE-2009-4961

CVE-2009-4961 affects Lanai Core 0.6. Affected component: info.php that calls phpinfo, enabling remote attackers to disclose configuration information. Impact is information disclosure (no integrity/availability impact stated). No remediation details are provided in the trusted documents; upgradi...

CVE-2009-4961

Lanai Core 0.6 allows remote attackers to obtain configuration information via a direct request to info.php, which calls the phpinfo function...

osCommerce 2.2-MS2 phpinfo() Disclosure

Exploit Title: osCommerce 2.2-MS2 phpinfo disclosure vulnerability Date: 21 June 2010 Author: Neo-Gabriel Download: http://www.oscommerce.com/solutions/downloads Version: 2.2-MS2 Tested on: Windows 95 . .. . . . | | | /|| / \ / \ | | | | | | / / | | / | | |/ \ \ / \ \ / /\ | | | | \ \ | | \ \ |/...

Photokorn 1.542 RFI / XSS / phpinfo() Disclosure

======================================================================================== | Title : photokorn Multi Vulnerability | Author : indoushka | email : [email protected] | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -00213771818860 | Total alerts found : 3 | High : 2 | Medi...

Automne.ws CMS 4.0.0rc2 - Multiple Remote File Inclusions

Automne.ws CMS 4.0.0rc2 Multiple RFI Vulnerability Created By 1nd0n3s14n l4m3r c -- 14/12/2oo9 No Sanitize Variable $SERVER"DOCUMENTROOT" automne/imagezoom.php?DOCUMENTROOT=Shell automne/isalive.php?DOCUMENTROOT=Shell automne/admin/backtrace.php?DOCUMENTROOT=Shell...

Information disclosure

HUBScript 1.0 allows remote attackers to obtain configuration information via a direct request to manage/phpinfo.php, which calls the phpinfo function...

CVE-2009-3600

CVE-2009-3600 affects HUBScript 1.0. The vulnerability is an information-disclosure in the web management path: a direct request to manage/phpinfo.php causes phpinfo() to reveal configuration details. The root cause is exposing PHP configuration via phpinfo() without proper access controls. Impac...

CVE-2009-3600

HUBScript 1.0 allows remote attackers to obtain configuration information via a direct request to manage/phpinfo.php, which calls the phpinfo function...

XStat PHPInfo可导致信息泄露漏洞

BUGTRAQ: 4280 X-Stat是一款PHP语言编写免费的WEB通信分析程序，可以运行在Unix和Linux操作系统下，也可运行在Microsoft Windows操作系统平台下。 X-Stat由于对部分错误WEB请求处理存在问题可导致相关主机信息泄露。 攻击者可以对X-Stat系统中的xstatadmin.php脚本参数action提交phpinfo变量，可导致相关主机信息泄露给攻击者，包括主机信息，操作系统信息和服务器信息等。 攻击者可以通过这些信息，对目标系统进行进一步的攻击。 Xqus X-Stat 2.3 Xqus X-Stat 2.2 临时解决方法：...

CVE-2008-6999

phpAuction 3.2, and possibly 3.3.0 GPL Basic edition, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function...

CVE-2008-6999

CVE-2008-6999 – Details : Affects phpAuction 3.2, and possibly 3.3.0 GPL Basic edition. The vulnerability arises when an exposed script (phpinfo.php) directly calls phpinfo(), enabling remote attackers to obtain configuration information. Vulnerability type : information disclosure via an exposed...

Information disclosure

FlashDen Guestbook allows remote attackers to obtain configuration information via a direct request to amfphp/phpinfo.php, which calls the phpinfo function...