TYPO3 3.8.0 and earlier allows remote attackers to obtain sensitive information via a direct request to misc/phpcheck/, which invokes the phpinfo function and prints values of unspecified environment variables.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2005-12-31 05:00
Updated : 2024-02-28 10:42
NVD link : CVE-2005-4875
Mitre link : CVE-2005-4875
CVE.ORG link : CVE-2005-4875
JSON object : View
Products Affected
typo3
- typo3
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor