• Close
  • Back to search

    PHP 'phpinfo()' Cross-Site Scripting Vulnerability

    Severity CVSS Published Added Modified
    4 (AV:N/AC:M/Au:N/C:N/I:P/A:N) October 31, 2005 October 31, 2005 February 12, 2015

    Description

    Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.x up to 4.4.0 and 5.x up to 5.0.5 allows remote attackers to inject arbitrary web script or HTML via a crafted URL with a "stacked array assignment."

    Free Nexpose Download

    Discover, prioritize, and remediate security risks today!

     Download now

    References

    Solution

    php-upgrade-4_4_1

    Related Vulnerabilities