Description

TYPO3 3.8.0 and earlier allows remote attackers to obtain sensitive information via a direct request to misc/phpcheck/, which invokes the phpinfo function and prints values of unspecified environment variables.

Remediation

References

CVE-2005-4875

Related Vulnerabilities

osCommerce Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-43735)

MySQL CVE-2016-0503 Vulnerability (CVE-2016-0503)

Jboss EAP Inadequate Encryption Strength Vulnerability (CVE-2014-0224)

Oracle JRE CVE-2013-5818 Vulnerability (CVE-2013-5818)

WebLogic CVE-2024-21260 Vulnerability (CVE-2024-21260)

Severity

High

Classification

CVE-2005-4875 CWE-200

Tags

Missing Update Known Vulnerabilities