PHP phpinfo() cross-site scripting
| php-phpinfo-xss (10355) |  Medium Risk |
Description:
PHP could allow a remote attacker to launch cross-site scripting attacks, caused by an input validation vulnerability in the phpinfo() function. A remote attacker could inject malicious script into the phpinfo() function using a specially-crafted URL request, which would cause the malicious script to be executed on the system when the debugging output is displayed in the victim's Web browser, once the link is clicked.
Platforms Affected:
- PHP, PHP 4.2.3
- Various vendors, Any Web server
Remedy:
No remedy available as of July 6, 2008.
Consequences:
Gain Access
References:
- BugTraq Mailing List, Tue Jun 03 2003 - 08:30:07 CDT, PHP XSS exploit in phpinfo() at http://archives.neohapsis.com/archives/bugtraq/2003-06/0027.html.
- VulnWatch Mailing List, Sun Oct 13 2002 - 00:34:13 CDT , PHP Information Functions May Allow Cross-Site Scripting at http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0021.html.
- BID-7805: PHP PHPInfo Cross-Site Scripting Vulnerability
- CVE-2002-1954: Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.2.3 allows remote attackers to inject arbitrary web script or HTML via the query string argument, as demonstrated using soinfo.php.
Reported:
Oct 12, 2002
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.
For corrections or additions please email xforce@iss.net