CVE-2009-2443

Siteframe 3.2.3, and other 3.2.x versions, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.

🔗 References (12)

• cve@mitrehttp://osvdb.org/55683
• cve@mitrehttp://secunia.com/advisories/35761
• cve@mitrehttp://www.packetstormsecurity.org/0907-exploits/siteframe-sqlphpinfo.txt
• cve@mitrehttp://www.securityfocus.com/bid/35598
• cve@mitrehttp://www.vupen.com/english/advisories/2009/1822
• cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/51579
• af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/55683
• af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35761
• af854a3a-2127-422b-91ae-364da2661108http://www.packetstormsecurity.org/0907-exploits/siteframe-sqlphpinfo.txt
• af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/35598
• af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1822
• af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/51579