CVE-2007-1574

CARE2X 2.2 (and possibly earlier) is affected by an information-disclosure vulnerability where remote attackers can obtain configuration details via a direct request to phpinfo.php (which calls phpinfo). The provenance of this information is unknown and comes from third party sources. The vulnera...

PHP PHPInfo函数跨站脚本漏洞

PHP是广泛使用的通用目的脚本语言，特别适合于Web开发，可嵌入到HTML中。 phpinfo函数可以显示有关PHP当前环境的详细信息，包括所发送请求变量的dump。该函数在显示GET、POST或COOKIE变量中所提供的数组内容时没有进行转义，允许攻击者通过特制请求执行跨站脚本攻击。 PHP 4.4.3 - 4.4.6 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://www.php.net --TEST-- SECURITY phpinfo simple XSS test --SKIPIF-- ?php...

CVE-2007-1287

A regression error in the phpinfo function in PHP 4.4.3 to 4.4.6, and PHP 6.0 in CVS, allows remote attackers to conduct cross-site scripting XSS attacks via GET, POST, or COOKIE array values, which are not escaped in the phpinfo output, as originally fixed for CVE-2005-3388...

CVE-2007-1287

CVE-2007-1287 describes a regression in PHP’s phpinfo output allowing cross-site scripting via unescaped GET/POST/COOKIE array values. Affects PHP 4.4.3–4.4.6 and PHP 6.0 in CVS; vulnerability stems from not escaping values in the phpinfo output, reusing the XSS issue originally addressed by CVE-...

PHP 4.4.3 - 4.4.6 phpinfo() Remote XSS Vulnerability

No description provided by source. //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || // // | |/ || '|/ |/ -| ' / -/ |||| /| || / //...

MOPB-08-2007:PHP 4 phpinfo() XSS Vulnerability (Deja-vu)

Summary With PHP 4.4.3 a previously fixed bug that was disclosed at the end of October 2005 by the Hardened-PHP Project was reintroduced. Again phpinfo does not escape the content of user supplied arrays in GET, POST or COOKIE variables when it displays them which leads to an XSS vulnerability...

PHP 4.4.3 4.4.6 - PHPinfo() Cross-Site Scripting

PHP 4.4.3 4.4.6 - PHPinfo Cross-Site Scripting //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP...

PHP 4.4.3 - 4.4.6 phpinfo() Remote XSS Vulnerability

Exploit for multiple platform in category remote exploits ==================================================== PHP 4.4.3 - 4.4.6 phpinfo Remote XSS Vulnerability ==================================================== //////////////////////////////////////////////////////////////////////// // // // ...

WordPress 2.1.1 - Arbitrary Command Execution

WordPress 2.1.1 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/22797/info An attacker compromised the source code for Wordpress 2.1.1 and altered it to include a malicious backdoor. This backdoor introduces a code-execution vulnerability that will let remote users inject...

CVE-2006-6998

install/loaderhelp.php in Headstart Solutions DeskPRO allows remote attackers to obtain configuration information via a q=phpinfo QUERYSTRING, which calls the phpinfo function...

CVE-2006-6998

install/loaderhelp.php in Headstart Solutions DeskPRO allows remote attackers to obtain configuration information via a q=phpinfo QUERYSTRING, which calls the phpinfo function...

CVE-2006-6998

CVE-2006-6998 affects Headstart Solutions DeskPRO. The vulnerable file is install/loader_help.php, which can be accessed with a q=phpinfo QUERY_STRING to trigger phpinfo, allowing remote attackers to obtain configuration information. Documented impact is Partial Confidentiality with no integrity/...

ig shop 1.0 - Code Execution SQL Injection

ig shop 1.0 - Code Execution SQL Injection "If eval is the answer, then you are asking the wrong question." --Unknowen ig-shop suffers from two eval's that can be controlled by an attacker: http://127.0.0.1/igshop/cart.php?action=;phpinfo;// ./cart.php line 692: eval "cart$action;";...

sendcard_340_xpl.txt

!/usr/bin/php -q -d shortopentag=on php injection\n"; echo " works against magicquotesgpc=Off\n"; echo " 2 - arbitrary remote inclusion\n"; echo " works against allowurlfopen=On\n"; echo " 3 - arbitrary local inclusion\n"; echo " works regardless of php.ini settings\n"; echo " and if you succeed ...

SendCard <= 3.4.0 Unauthorized Administrative Access Exploit

Exploit for unknown platform in category web applications ============================================================ SendCard php injection\n"; echo " works against magicquotesgpc=Off\n"; echo " 2 - arbitrary remote inclusion\n"; echo " works against allowurlfopen=On\n"; echo " 3 - arbitrary...

security flaw

Cross-site scripting XSS vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment."...

CVE-2006-3882

Shalwan MusicBox 2.3.4 and earlier allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function...

CVE-2006-3882

The CVE affects Shalwan MusicBox 2.3.4 and earlier, where a direct request to phpinfo.php causes the phpinfo function to run, allowing remote attackers to view configuration information. This exposes server/service configuration details (via phpinfo output). No remediation or patch details are pr...

musicBox234.txt

MusicBox 2.3.4 http://www.musicboxv2.com ------------ PHPinfo page ------------ /phpinfo.php -------------------------- Cross Site Scripting XSS -------------------------- http://www.target.xx/?id=alert/EllipsisSecurityTest/&page=0...

MusicBox &lt;= 2.3.4 XSS SQL injection Vulnerability

MusicBox 2.3.4 http://www.musicboxv2.com ------------ PHPinfo page ------------ /phpinfo.php -------------------------- Cross Site Scripting XSS -------------------------- http://www.target.xx/?id=scriptalert/EllipsisSecurityTest//script&page=0...