CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Phpsysinfo: >> Phpsysinfo >> 2.5.1 Security Vulnerabilities

CVE-2007-4048

Cross-site scripting (XSS) vulnerability in index.php in phpSysInfo 2.5.4-dev and earlier allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.

CVSS Score

4.3

EPSS Score

0.005

Published

2007-07-30

CVE-2006-3360

Directory traversal vulnerability in index.php in phpSysInfo 2.5.1 allows remote attackers to determine the existence of arbitrary files via a .. (dot dot) sequence and a trailing null (%00) byte in the lng parameter, which will display a different error message if the file exists.

CVSS Score

5.0

EPSS Score

0.094

Published

2006-07-06

Page 1

Vulnerabilities

Vulnerable Software

Phpsysinfo: >> Phpsysinfo >> 2.5.1 Security Vulnerabilities

Products

Pricing

Contact Us