Vulnerabilities > CVE-2002-2247 - Configuration vulnerability in Mambo Site Server 4.0.11

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
mambo
CWE-16
exploit available
NVD
Published: 2002-12-31
Updated: 2017-07-29

Summary

The administrator/phpinfo.php script in Mambo Site Server 4.0.11 allows remote attackers to obtain sensitive information such as the full web root path via phpinfo.php, which calls the phpinfo function.

Vulnerable Configurations

Part Description Count
Application
Mambo
1

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionMambo Site Server 4.0.11 PHPInfo.PHP Information Disclosure Vulnerability. CVE-2002-2247. Webapps exploit for php platform
idEDB-ID:22086
last seen2016-02-02
modified2002-12-12
published2002-12-12
reportereuronymous
sourcehttps://www.exploit-db.com/download/22086/
titleMambo Site Server 4.0.11 PHPInfo.PHP Information Disclosure Vulnerability

References