CVE-2005-4875
published 2005-12-31CVE-2005-4875: TYPO3 3.8.0 and earlier allows remote attackers to obtain sensitive information via a direct request to misc/phpcheck/, which invokes the phpinfo function and…
PriorityP422high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
1.39%
69.0th percentile
TYPO3 3.8.0 and earlier allows remote attackers to obtain sensitive information via a direct request to misc/phpcheck/, which invokes the phpinfo function and prints values of unspecified environment variables.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| typo3 | cms | >= 0 < 3.8.1 | 3.8.1 |
| typo3 | typo3 | <= 3.8.0 | — |
| typo3 | typo3 | — | — |
| typo3 | typo3 | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
TYPO3 Reveals Sensitive Information via Direct Request to `misc/phpcheck/`
ghsa·2022-05-01
CVE-2005-4875 [HIGH] CWE-200 TYPO3 Reveals Sensitive Information via Direct Request to `misc/phpcheck/`
TYPO3 Reveals Sensitive Information via Direct Request to `misc/phpcheck/`
TYPO3 3.8.0 and earlier allows remote attackers to obtain sensitive information via a direct request to misc/phpcheck/, which invokes the phpinfo function and prints values of unspecified environment variables.
OSV
TYPO3 Reveals Sensitive Information via Direct Request to `misc/phpcheck/`
osv·2022-05-01
CVE-2005-4875 [HIGH] TYPO3 Reveals Sensitive Information via Direct Request to `misc/phpcheck/`
TYPO3 Reveals Sensitive Information via Direct Request to `misc/phpcheck/`
TYPO3 3.8.0 and earlier allows remote attackers to obtain sensitive information via a direct request to misc/phpcheck/, which invokes the phpinfo function and prints values of unspecified environment variables.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://bugs.typo3.org/view.php?id=1250http://typo3.org/teams/security/security-bulletins/typo3-20050725-1/https://exchange.xforce.ibmcloud.com/vulnerabilities/42457http://bugs.typo3.org/view.php?id=1250http://typo3.org/teams/security/security-bulletins/typo3-20050725-1/https://exchange.xforce.ibmcloud.com/vulnerabilities/42457
2005-12-31
Published