phpAuction 3.2, and possibly 3.3.0 GPL Basic edition, allows remote malicious users to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpauction phpauction 3.2 |
||
phpauction phpauction 3.3.0 |