Description

Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.2.3 allows remote attackers to inject arbitrary web script or HTML via the query string argument, as demonstrated using soinfo.php.

Remediation

References

CVE-2002-1954

Related Vulnerabilities

WordPress Plugin Advanced Order Export For WooCommerce Cross-Site Scripting (3.1.7)

MySQL CVE-2018-2805 Vulnerability (CVE-2018-2805)

WordPress Plugin Vision Interactive For WordPress Cross-Site Scripting (1.4.4)

WordPress Plugin Content Grabber Multiple Vulnerabilities (1.0)

WordPress Plugin Translate WordPress with GTranslate Cross-Site Scripting (2.8.51)

Severity

Medium

Classification

CVE-2002-1954

Tags

Missing Update Known Vulnerabilities