Sensitive Information Disclosure via phpinfo.php in Mambo Site Server 4.0.11

CVE-2002-2247 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The administrator/phpinfo.php script in Mambo Site Server 4.0.11 allows remote attackers to obtain sensitive information such as the full web root path via phpinfo.php, which calls the phpinfo function.

Learn more about our Web App Pen Testing.