Description
TYPO3 3.8.0 and earlier allows remote attackers to obtain sensitive information via a direct request to misc/phpcheck/, which invokes the phpinfo function and prints values of unspecified environment variables.
Remediation
References
Related Vulnerabilities
WordPress Plugin Testimonial Rotator Cross-Site Scripting (3.0.2)
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4553)
WordPress Plugin betterAmazonAPI Cross-Site Scripting (1.2)
MongoDb Reachable Assertion Vulnerability (CVE-2026-5170)
WordPress Plugin Font Awesome Information Disclosure (4.0.0-rc16)