DEBIAN-CVE-2007-2016

Cross-site scripting XSS vulnerability in mysql/phpinfo.php in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary web script or HTML via the lang parameter...

CVE-2007-2016

Cross-site scripting XSS vulnerability in mysql/phpinfo.php in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary web script or HTML via the lang parameter...

Information disclosure

CARE2X 2.2, and possibly earlier, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

Code injection

Direct static code injection vulnerability in sysinfo.cgi in sysinfo 1.21 and possibly other versions before 2.25 allows remote attackers to execute arbitrary commands via a leading ; semicolon in the name parameter in a systemdoc action, which is injected into phpinfo.php...

CVE-2006-1831

Direct static code injection vulnerability in sysinfo.cgi in sysinfo 1.21 and possibly other versions before 2.25 allows remote attackers to execute arbitrary commands via a leading ; semicolon in the name parameter in a systemdoc action, which is injected into phpinfo.php...

CVE-2006-0756

dotProject 2.0.1 and earlier leaves 1 phpinfo.php and 2 check.php accessible under the /docs/ directory after installation, which allows remote attackers to obtain sensitive configuration information. NOTE: the vendor disputes this issue, saying that it could only occur if the administrator ignor...

CVE-2006-0756

CVE-2006-0756 affects dotProject versions 2.0.1 and earlier. The issue: phpinfo.php and check.php remain accessible under the /docs/ directory after installation, allowing remote attackers to obtain sensitive configuration information. The vendor disputes the flaw, noting it occurs only if instal...

CVE-2006-0756

dotProject 2.0.1 and earlier leaves 1 phpinfo.php and 2 check.php accessible under the /docs/ directory after installation, which allows remote attackers to obtain sensitive configuration information. NOTE: the vendor disputes this issue, saying that it could only occur if the administrator ignor...

CVE-2004-2588

The CVE-2004-2588 entry describes an information-leak flaw in phpinfo.php within XMB (Extreme Message Board) version 1.9 beta (Nexus beta). The vulnerability allows remote attackers to obtain sensitive information such as web server and PHP configuration details. The available sources (NVD/CVE re...

phpinfoXSS.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [email protected] schrieb: PoC: phpinfo.php?GLOBALStest=alertdocument.cookie; ...or just use phpinfo.php?=alertdocument.cookie; Saves some typing. In contrary to the above, this one only works on IE tested 6 on XP SP2 & Konqueror tested 3.4.2, though...

CVE-2004-1590

Technical details about CVE-2004-1590 are not publicly provided in the supplied documents; monitor for updates.

CVE-2004-2588

Intentional information leak in phpinfo.php in XMB aka extreme message board 1.9 beta aka Nexus beta allows remote attackers to obtain sensitive information such as the configuration of the web server and the PHP application...

[waraxe-2004-SA#012 - Multiple vulnerabilities in XMB Forum 1.8 SP3 and 1.9 beta]

================================================================================ waraxe-2004-SA012 ================================================================================ Multiple vulnerabilities in XMB 1.8 Partagium SP3 and 1.9 Nexus Beta...

Advanced Guestbook

Product : Advanced Guestbook Version : 2.3.1 WebSite : http://www.proxy2.de Problem : phpinfo Description: ------------ phpinfo.php =========== ?php phpinfo; ? =========== Exploit: -------- http://somehost/book/phpinfo.php...

CVE-2002-2247

The administrator/phpinfo.php script in Mambo Site Server 4.0.11 allows remote attackers to obtain sensitive information such as the full web root path via phpinfo.php, which calls the phpinfo function...

Mambo Site Server 4.0.11 - PHPInfo.php Information Disclosure

Mambo Site Server 4.0.11 - PHPInfo.php Information Disclosure source: https://www.securityfocus.com/bid/6376/info Mambo Site Server is a freely available, open source web content management tool. It is written in PHP, and available for Unix, Linux, and Microsoft Windows operating systems. It has...

Mambo Site Server 4.0.11 - 'PHPInfo.php' Information Disclosure

source: https://www.securityfocus.com/bid/6376/info Mambo Site Server is a freely available, open source web content management tool. It is written in PHP, and available for Unix, Linux, and Microsoft Windows operating systems. It has been reported that Mambo enables a script by default that may...

CVE-2002-1149

The vulnerability CVE-2002-1149 affects Invision Board where the installation procedure recommends placing the phpinfo.php program in the web root. This exposes sensitive information (absolute pathnames, OS information, PHP configuration) via phpinfo output, representing the underlying exposure a...