CVE-2002-2247

Description

The administrator/phpinfo.php script in Mambo Site Server 4.0.11 allows remote attackers to obtain sensitive information such as the full web root path via phpinfo.php, which calls the phpinfo function.

Affected products

• Mambo / mambo_site_server4.0.11 – 4.0.11

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/10853
• MISChttp://archives.neohapsis.com/archives/bugtraq/2002-12/0111.html
• MISChttp://www.securityfocus.com/bid/6376