Detections
Analytics
phPay admin/phpinfo.php Information Disclosure
medium Nessus Plugin ID 11531
Language:
Synopsis
A remote web application is vulnerable to several flaws.Description
The remote host is running phPay, an online shop management system.This package contains multiple information leakages that could allow an attacker to obtain the physical path of the installation on the remote host or even the exact version of the components used by the remote host by using the file admin/phpinfo.php, which comes with it.
This file makes a call to phpinfo(), which displays a lot of information about the remote host and how PHP is configured.
An attacker could use this flaw to gain a more intimate knowledge about the remote host and better prepare its attacks.
Additionally, this version is vulnerable to a cross-site scripting issue that may let an attacker steal the cookies of your legitimate users.
Solution
Upgrade to phPay 2.2.1 or newer.Plugin Details
Severity: Medium
ID: 11531
File Name: phpay_info_disclosure.nasl
Version: 1.25
Type: remote
Family: CGI abuses
Published: 4/14/2003
Updated: 1/19/2021
Supported Sensors: Nessus
Vulnerability Information
CPE: cpe:/a:phpay:phpay
Required KB Items: www/PHP
Excluded KB Items: Settings/disable_cgi_scanning
Exploit Available: true
Exploit Ease: No exploit is required
Vulnerability Publication Date: 4/9/2003