Description

TYPO3 3.8.0 and earlier allows remote attackers to obtain sensitive information via a direct request to misc/phpcheck/, which invokes the phpinfo function and prints values of unspecified environment variables.

Remediation

References

CVE-2005-4875

Related Vulnerabilities

WordPress 5.2.x Multiple Vulnerabilities (5.2 - 5.2.7)

WordPress Plugin Zedna eBook download Directory Traversal (1.1)

PHP Improper Input Validation Vulnerability (CVE-2007-3799)

WordPress 4.5.3 Directory Traversal Vulnerability (4.5.3)

WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress SQL Injection (3.6.3)

Severity

High

Classification

CVE-2005-4875 CWE-200

Tags

Missing Update Known Vulnerabilities