|
Vulnerability Assessment & Network Security Forums |
|||||||||
If through a vulnerability assessment, a network security issue is detected for the vulnerability below, applying the appropriate security patches in a timely matter is very important. If you have detected that your system has already been compromised, following CERT's Network Security recovery document will assist with recommended steps for system recovery. Home >> Browse Vulnerability Assessment Database >> CGI abuses : XSS >> PHPay Information Disclosure Vulnerability Assessment Details
|
PHPay Information Disclosure |
||
Searches for the existence of phpinfo.php Detailed Explanation for this Vulnerability Assessment The remote host is running PHPay, an online shop management system. This package contains multiple information leakages which may permit a possible hacker to obtain the physical path of the installation on the remote host or even the exact version of the components used by the remote host, by using the file admin/phpinfo.nasl which comes with it. This files make a call to phpinfo() which display a lot of information about the remote host and how PHP is configured. A possible hacker may use this flaw to gain a more intimate knowledge about the remote host and better prepare its attacks. In addition to this, this version is vulnerable to a cross-site-scripting issue which may let a possible hacker steal the cookies of your legitimate users. Solution : Upgrade to PHPay 2.2.1 or newer Network Security Threat Level: Low Networks Security ID: 7309, 7310, 7313 Vulnerability Assessment Copyright: This script is Copyright (C) 2003 Renaud Deraison |
||
Cables, Connectors |
Cisco Nexus 48-Port 10G SFP+ Switch N9K-9396PX w/ 9K-M12PQ 12-Port 40G QSFP
$249.99
Lot of 10pcs Brocade 57-1000012-01 8Gbps SWL 850nm SFP+ Optical Transceivers
$19.00
Cisco 10G SFP+ Module SFP-10G-SR 10-2415-03 (Lot of 5)
$24.99
Cisco 10-2456-03 Genuine Cisco SFP-10G-LRM V03 10GBASE-LRM SFP+Transceiver
$24.99
Genuine Cisco SFP-10G-SR V03 10GBASE-SR SFP+ Transceiver Module 10-2415-03
$8.00
NEW Sealed Cisco SFP-10G-LR 10GBASE-LR SFP+ 1310nm 10km *US Shipping*
$18.00
Brand New Cisco GLC-LH-SMD 1000BASE-LX/LH SFP Module 1310nm 10km SMF LC
$13.89
Mellanox Original MFM1T02A-SR 10GbE 10GBASE-SR SFP+ Transceiver
$9.00
Cisco Meraki MA-SFP-10GB-SR 10G SFP+ SR 850nm 300m LC MMF
$29.99
LOT OF 20 Genuine Cisco SFP-10G-SR V03 10GBASE-SR SFP+ Transceiver Module
$89.00
|
||
No Discussions have been posted on this vulnerability. |