764 matches found
PhpGedView 2.61 - PHPInfo Information Disclosure
source: https://www.securityfocus.com/bid/9371/info PhpGedView allows remote users to access information displayed by the phpinfo function. This may disclose sensitive information about the environment the software runs in. This issue is reported to affect PhpGedView 2.61. Other versions are also...
CVE-2003-1257
findthenihome.php in E-theni allows remote attackers to obtain sensitive system information via a URL request which executes phpinfo...
CVE-2003-1403
foo.php3 in DotBr 0.1 allows remote attackers to obtain sensitive information via a direct request, which calls the phpinfo function...
CuteNews 1.3 - Debug Query Information Disclosure
source: https://www.securityfocus.com/bid/9130/info An information disclosure weakness has been reported in CuteNews 1.3, that may expose sensitive server configuration data. The problem occurs due to CuteNews accepting a debug query that will result in the exposure of information returned from a...
CuteNews 1.3 - Debug Query Information Disclosure
CuteNews 1.3 - Debug Query Information Disclosure source: https://www.securityfocus.com/bid/9130/info An information disclosure weakness has been reported in CuteNews 1.3, that may expose sensitive server configuration data. The problem occurs due to CuteNews accepting a debug query that will...
Advanced Poll : PHP Code Injection, File Include, Phpinfo
Informations : °°°°°°°°°°°°° Language : PHP Product : Advanced Poll Version : 2.0.2 Textfile Website : http://www.proxy2.de Problems : - PHP Code Injection - File Include - Phpinfo PHP Code/Location : °°°°°°°°°°°°°°°°°°° comments.php :...
CVE-2003-1181
Advanced Poll 2.0.2 allows remote attackers to obtain sensitive information via an HTTP request to info.php, which invokes the phpinfo function...
Monkey Http Daemon
After reading the PHP XSS "exploit" I dont know if it qualifies as one in phpinfo, I found out that on the default page of the Monkey Http Daemon, there is a Test of Supports section. Two links are included: http://whateverhost/php/index.php and http://whateverhost/cgi-bin/test.pl index.php just...
phPay admin/phpinfo.php Information Disclosure
The remote host is running phPay, an online shop management system. This package contains multiple information leakages that could allow an attacker to obtain the physical path of the installation on the remote host or even the exact version of the components used by the remote host by using the...
PHP List
Product : PHP List Version : 1.1.1b WebSite : http://phplist.kipu.co.uk Problem : phpinfo Description: ------------ info.php =========== ? echo phpinfo ? =========== Exploit: -------- http://somehost/list/info.php...
HPE - News Portal Engine
Product : HPE - News Portal Engine Version : 4.0 beta WebSite : http://news.is.free.fr Problem : phpinfo Description: ------------ phpinfo.php =========== ... HPEbeginPage"PHPinfo"; phpinfo; HPEendPage; ... =========== Exploit: -------- http://somehost/HPEdir/HPE/admin/pages/phpinfo.php...
Advanced Poll
Product : Advanced Poll Version : 2.02 WebSite : http://www.proxy2.de Problem : phpinfo Description: ------------ /polldir/db/misc/: info.php =========== ?php phpinfo; ? =========== /polldir/textfile/misc/: info.php =========== ?php phpinfo; ? =========== Exploits: --------...
HyperBook Guestbook
Product : HyperBook Guestbook Version : 1.12 WebSite : http://diamond-back.com Problem : phpinfo Description: ------------ phpinfo.php =========== ?php phpinfo; ? =========== Exploit: -------- http://somehost/book/phpinfo.php...
Invision Power Board (PHP)
Informations : °°°°°°°°°°°°°° Website : http://www.invisionboard.com -------------------------- Version : 1.0.1 Problem : phpinfo -------------------------- Version : 1.1.1 Problem : File Including PHP Code/Location : °°°°°°°°°°°°°°°°°°° v1.0.1 : phpinfo.php : ---------- ?php phpinfo; ? ---------...
Web Server info.php / phpinfo.php Detection
Many PHP installation tutorials instruct the user to create a PHP file that calls the PHP function 'phpinfo' for debugging purposes. Various PHP applications may also include such a file. By accessing such a file, a remote attacker can discover a large amount of information about the remote web...
E-theni (PHP)
Informations : °°°°°°°°°°°°°° Version : ? Website : http://www.theni.freesurf.fr Problems : - Include file - phpinfo PHP Code/Location : °°°°°°°°°°°°°°°°°°° /admint/include/afflistelangue.php : ----------------------------------------- require $repinclude."paralangue.php";...
CVE-2002-1725
phpimageview.php in PHPImageView 1.0 allows remote attackers to obtain sensitive information via the pw=show option, which invokes the phpinfo function...
Immobilier 1 (PHP)
Informations : °°°°°°°°°°°°°° Version, Website : ? Problems : - phpinfo - SQL Injection PHP Code/Location : °°°°°°°°°°°°°°°°°°° agentadmin.php : -------------------------------------------------------------- ... elseif $agentname != "" OR $currentuser != "" $sql = "SELECT id FROM agents WHERE...
PHP 4 - 'PHPInfo()' Cross-Site Scripting
source: https://www.securityfocus.com/bid/7805/info Scripts that include the PHP phpinfo debugging function may be prone to cross-site scripting attacks. This could permit remote attackers to create a malicious link to a vulnerable PHP script that includes hostile client-side script code or HTML...
PHP 4 - PHPInfo() Cross-Site Scripting
PHP 4 - PHPInfo Cross-Site Scripting source: https://www.securityfocus.com/bid/7805/info Scripts that include the PHP phpinfo debugging function may be prone to cross-site scripting attacks. This could permit remote attackers to create a malicious link to a vulnerable PHP script that includes...