Vulnerabilities > CVE-2002-2247 - Configuration vulnerability in Mambo Site Server 4.0.11
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
The administrator/phpinfo.php script in Mambo Site Server 4.0.11 allows remote attackers to obtain sensitive information such as the full web root path via phpinfo.php, which calls the phpinfo function.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
description | Mambo Site Server 4.0.11 PHPInfo.PHP Information Disclosure Vulnerability. CVE-2002-2247. Webapps exploit for php platform |
id | EDB-ID:22086 |
last seen | 2016-02-02 |
modified | 2002-12-12 |
published | 2002-12-12 |
reporter | euronymous |
source | https://www.exploit-db.com/download/22086/ |
title | Mambo Site Server 4.0.11 PHPInfo.PHP Information Disclosure Vulnerability |