Phpsysinfo : Security Vulnerabilities, CVEs, (Directory traversal)
Directory traversal vulnerability in index.php in phpSysInfo 2.5.1 allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) sequence and a trailing null (%00) byte in the lng parameter, which will display a different error message if the file exists.
Max CVSS
5.0
EPSS Score
0.75%
Published
2006-07-06
Updated
2023-03-28
Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access to a local directory to read arbitrary files as the PHP user or cause a denial of service via .. (dot dot) sequences in the (1) template or (2) lng parameters.
Max CVSS
3.6
EPSS Score
0.06%
Published
2003-08-18
Updated
2016-10-18
2 vulnerabilities found