14 matches found
EUVD-2005-0870
Malware in sbrugna...
EUVD-2005-3347
Malware in sbrugna...
UBUNTU-CVE-2023-49006
Cross Site Request Forgery CSRF vulnerability in Phpsysinfo version 3.4.3 allows a remote attacker to obtain sensitive information via a crafted page in the XML.php file...
Gentoo Security Advisory GLSA 200511-18 (phpsysinfo)
The remote host is missing updates announced in advisory GLSA 200511-18. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
CVE-2006-3360
CVE-2006-3360 affects phpSysInfo, where Directory traversal in index.php (lng parameter) can reveal whether arbitrary files exist via a .. sequence plus a trailing null (%00). Affected versions are 2.5.1 through 3.2.4; the issue is exploitable remotely and can disclose file existence information ...
CVE-2005-3348
HTTP response splitting vulnerability in index.php in phpSysInfo 2.4 and earlier, as used in phpgroupware 0.9.16 and earlier, and egroupware before 1.0.0.009, allows remote attackers to spoof web content and poison web caches via CRLF sequences in the charset parameter...
CVE-2005-0869
phpSysInfo 2.3 allows remote attackers to obtain sensitive information via a direct request to 1 class.OpenBSD.inc.php, 2 class.NetBSD.inc.php, 3 class.FreeBSD.inc.php, 4 class.Darwin.inc.php, 5 XPath.class.php, 6 systemheader.php, or 7 systemfooter.php, which reveal the path in a PHP error messa...
Debian DSA-346-1 : phpsysinfo - directory traversal
Albert Puigsech Galicia reported that phpsysinfo, a web-based program to display status information about the system, contains two vulnerabilities which could allow local files to be read, or arbitrary PHP code to be executed, under the privileges of the web server process usually www-data. These...
CVE-2003-0536
Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access to a local directory to read arbitrary files as the PHP user or cause a denial of service via .. dot dot sequences in the 1 template or 2 lng parameters...
CVE-2003-0536
Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access to a local directory to read arbitrary files as the PHP user or cause a denial of service via .. dot dot sequences in the 1 template or 2 lng parameters...
CVE-2003-0536
Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access to a local directory to read arbitrary files as the PHP user or cause a denial of service via .. dot dot sequences in the 1 template or 2 lng parameters...
[SECURITY] [DSA-346-1] New phpsysinfo packages fix directory traversal
-------------------------------------------------------------------------- Debian Security Advisory DSA 346-1 [email protected] http://www.debian.org/security/ Matt Zimmerman July 8th, 2003 http://www.debian.org/security/faq -...
Unauthorized reading files on phpSysInfo
/----------------------------------------------------------------------------- | 7 A 6 9 - A d v C: 007 |-----------------------------------------------------------------------------| | | Unauthorized reading files on phpSysInfo |...
PHPSysInfo 2.02.1 - index.php File Disclosure
PHPSysInfo 2.02.1 - index.php File Disclosure source: https://www.securityfocus.com/bid/7275/info PHPSysInfo has been reported to be vulnerable to a file disclosure issue. Local users may be capable of influencing the include path for several PHPSysinfo template files. If the malicious template...