CVE-2005-3347

Multiple directory traversal vulnerabilities in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egrouwpware before 1.0.0.009, allow remote attackers to include arbitrary files via .. dot dot sequences in the 1 sensorprogram parameter or the 2...

[SECURITY] [DSA 897-1] New phpsysinfo packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 897-1 [email protected] http://www.debian.org/security/ Martin Schulze November 15th, 2005 http://www.debian.org/security/faq -...

CVE-2005-0870

Multiple cross-site scripting XSS vulnerabilities in phpSysInfo 2.3, when registerglobals is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 sensorprogram parameter to index.php, 2 textlanguage, 3 texttemplate, or 4 hidepicklist parameter to systemfooter.php...

CVE-2005-0869

phpSysInfo 2.3 is affected by CVE-2005-0869. The issue enables remote attackers to obtain sensitive information by requesting specific PHP files (class.OpenBSD.inc.php, class.NetBSD.inc.php, class.FreeBSD.inc.php, class.Darwin.inc.php, XPath.class.php, system_header.php, system_footer.php), which...

PHPSysInfo < 2.5 Multiple Script XSS

The remote host is running phpSysInfo, a PHP script that parses the /proc entries on Linux systems and displays them in HTML. The version of phpSysInfo installed on the remote host is affected by multiple cross-site scripting vulnerabilities due to its failure to sanitize user input to the...

[SECURITYREASON.COM] phpSysInfo 2.3 Multiple vulnerabilities cXIb8O3.11

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phpSysInfo 2.3 Multiple vulnerabilities cXIb8O3.11 Author: Maksymilian Arciemowicz cXIb8O3 Date: 22.3.2005 from SECURITYREASON.COM TEAM - --- 0.Description --- PHPSysInfo 2.3 is a customizable PHP Script that parses /proc, and formats information...

PHPSysInfo 2.0/2.3 - &#039;system_footer.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/12887/info phpSysInfo is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script co...

PHPSysInfo 2.0/2.3 - &#039;sensor_program&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/12887/info phpSysInfo is reportedly affected by multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to have arbitrary script co...

phpSysInfo: arbitrary code execution and directory traversal

Background phpSysInfo is a PHP system information tool. Description phpSysInfo contains two vulnerabilities which could allow local files to be read or arbitrary PHP code to be executed, under the privileges of the web server process. Impact An attacker could read local files or execute arbitrary...

[SECURITY] [DSA-346-1] New phpsysinfo packages fix directory traversal

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 346-1 [email protected] http://www.debian.org/security/ Matt Zimmerman July 8th, 2003 http://www.debian.org/security/faq -...