CVE-2008-7268

The phpinfo function in SiteEngine 5.x allows remote attackers to obtain system information by setting the action parameter to phpinfo in misc.php...

Information disclosure

The phpinfo function in SiteEngine 5.x allows remote attackers to obtain system information by setting the action parameter to phpinfo in misc.php...

CVE-2008-7268

SiteEngine 5.x is affected by CVE-2008-7268 via a phpinfo information-disclosure in misc.php when action=php_info is supplied, allowing remote attackers to obtain system information. The connected documents reiterate the description; no remediation patch/version is provided in the supplied source...

CVE-2008-7268

The phpinfo function in SiteEngine 5.x allows remote attackers to obtain system information by setting the action parameter to phpinfo in misc.php...

ecshop v2. 7 2 demo/index. php file getshell vulnerabilities-vulnerability warning-the black bar safety net

//------------------------------------------------------------- Release date: 2010-11. 2 6 Publishing author: xhming Affected version: ecshop v2. 7 2 Official address: Vulnerability type: code execution Vulnerability description: Vulnerability analysis: demo/index.php if ! empty$POST'lang'...

1 6 2 1 0 0 Site Navigation 1. 9 local file inclusion vulnerability-vulnerability warning-the black bar safety net

Breaking app breaking vulnerability, but in order to encourage everyone to learn, or sent to. Reject malicious destruction! Program official: http://download.162100.com admin directory run.php the file part of the code is as follows: I find the Upload Directory editor/index.html Use the upload...

PHP Version Detection

Nessus was able to determine the version of PHP available on the remote web server. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid48243; scriptversion"1.32"; scriptsetattributeattribute:"pluginmodificationdate", value:"2026/01/22"; scriptxrefname:"IAVT",...

CVE-2009-4961

Lanai Core 0.6 allows remote attackers to obtain configuration information via a direct request to info.php, which calls the phpinfo function...

Information disclosure

Lanai Core 0.6 allows remote attackers to obtain configuration information via a direct request to info.php, which calls the phpinfo function...

CVE-2009-4961

CVE-2009-4961 affects Lanai Core 0.6. Affected component: info.php that calls phpinfo, enabling remote attackers to disclose configuration information. Impact is information disclosure (no integrity/availability impact stated). No remediation details are provided in the trusted documents; upgradi...

CVE-2009-4961

Lanai Core 0.6 allows remote attackers to obtain configuration information via a direct request to info.php, which calls the phpinfo function...

osCommerce 2.2-MS2 phpinfo() Disclosure

Exploit Title: osCommerce 2.2-MS2 phpinfo disclosure vulnerability Date: 21 June 2010 Author: Neo-Gabriel Download: http://www.oscommerce.com/solutions/downloads Version: 2.2-MS2 Tested on: Windows 95 . .. . . . | | | /|| / \ / \ | | | | | | / / | | / | | |/ \ \ / \ \ / /\ | | | | \ \ | | \ \ |/...

Photokorn 1.542 RFI / XSS / phpinfo() Disclosure

======================================================================================== | Title : photokorn Multi Vulnerability | Author : indoushka | email : [email protected] | Home : Souk Naamane - 04325 - Oum El Bouaghi - Algeria -00213771818860 | Total alerts found : 3 | High : 2 | Medi...

Automne.ws CMS 4.0.0rc2 - Multiple Remote File Inclusions

Automne.ws CMS 4.0.0rc2 Multiple RFI Vulnerability Created By 1nd0n3s14n l4m3r c -- 14/12/2oo9 No Sanitize Variable $SERVER"DOCUMENTROOT" automne/imagezoom.php?DOCUMENTROOT=Shell automne/isalive.php?DOCUMENTROOT=Shell automne/admin/backtrace.php?DOCUMENTROOT=Shell...

Information disclosure

HUBScript 1.0 allows remote attackers to obtain configuration information via a direct request to manage/phpinfo.php, which calls the phpinfo function...

CVE-2009-3600

CVE-2009-3600 affects HUBScript 1.0. The vulnerability is an information-disclosure in the web management path: a direct request to manage/phpinfo.php causes phpinfo() to reveal configuration details. The root cause is exposing PHP configuration via phpinfo() without proper access controls. Impac...

CVE-2009-3600

HUBScript 1.0 allows remote attackers to obtain configuration information via a direct request to manage/phpinfo.php, which calls the phpinfo function...

XStat PHPInfo可导致信息泄露漏洞

BUGTRAQ: 4280 X-Stat是一款PHP语言编写免费的WEB通信分析程序，可以运行在Unix和Linux操作系统下，也可运行在Microsoft Windows操作系统平台下。 X-Stat由于对部分错误WEB请求处理存在问题可导致相关主机信息泄露。 攻击者可以对X-Stat系统中的xstatadmin.php脚本参数action提交phpinfo变量，可导致相关主机信息泄露给攻击者，包括主机信息，操作系统信息和服务器信息等。 攻击者可以通过这些信息，对目标系统进行进一步的攻击。 Xqus X-Stat 2.3 Xqus X-Stat 2.2 临时解决方法：...

CVE-2008-6999

phpAuction 3.2, and possibly 3.3.0 GPL Basic edition, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function...

CVE-2008-6999

CVE-2008-6999 – Details : Affects phpAuction 3.2, and possibly 3.3.0 GPL Basic edition. The vulnerability arises when an exposed script (phpinfo.php) directly calls phpinfo(), enabling remote attackers to obtain configuration information. Vulnerability type : information disclosure via an exposed...