Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The installation procedure for Invision Board suggests that users install the phpinfo.php program under the web root, which leaks sensitive information such as absolute pathnames, OS information, and PHP settings.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Invision Board phpinfo.php远程信息泄露漏洞
Vulnerability Description
Invision Board是一款基于PHP的留言板程序。 Invision Board安装时不恰当地拷贝了脚本文件,远程攻击者可以利用这个漏洞获得系统敏感信息。 Invision Board安装时会拷贝phpinfo.php文件到应用程序当前目录,文件包含对phpinfo()的调用,攻击者可以直接调用这个php脚本文件,获得PHP模块信息、设置、系统变量等信息。
CVSS Information
N/A
Vulnerability Type
N/A