CVE-2005-4875

TYPO3 3.8.0 and earlier allows remote attackers to obtain sensitive information via a direct request to misc/phpcheck/, which invokes the phpinfo function and prints values of unspecified environment variables.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:typo3:typo3:*:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:1.1:*:*:*:*:*:*:*
cpe:2.3:a:typo3:typo3:3.7.0:*:*:*:*:*:*:*

History

21 Nov 2024, 00:05

Type Values Removed Values Added
References () http://bugs.typo3.org/view.php?id=1250 - () http://bugs.typo3.org/view.php?id=1250 -
References () http://typo3.org/teams/security/security-bulletins/typo3-20050725-1/ - () http://typo3.org/teams/security/security-bulletins/typo3-20050725-1/ -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/42457 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/42457 -

Information

Published : 2005-12-31 05:00

Updated : 2024-11-21 00:05


NVD link : CVE-2005-4875

Mitre link : CVE-2005-4875

CVE.ORG link : CVE-2005-4875


JSON object : View

Products Affected

typo3

  • typo3
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor