Description

TYPO3 3.8.0 and earlier allows remote attackers to obtain sensitive information via a direct request to misc/phpcheck/, which invokes the phpinfo function and prints values of unspecified environment variables.

Remediation

References

CVE-2005-4875

Related Vulnerabilities

PHP Other Vulnerability (CVE-2021-21707)

ReviveAdserver Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2015-7372)

WebLogic CVE-2021-2018 Vulnerability (CVE-2021-2018)

WordPress Plugin Contact Form 7 Database Information Disclosure (1.3)

WebLogic CVE-2023-22072 Vulnerability (CVE-2023-22072)

Severity

High

Classification

CVE-2005-4875 CWE-200

Tags

Missing Update Known Vulnerabilities