CARE2X 2.2 phpinfo.php phpinfo information disclosure

EntryeditHistoryDiffjsonxmlCTI

A vulnerability has been found in CARE2X 2.2 (Health Information Software) and classified as problematic. This vulnerability affects the function phpinfo of the file phpinfo.php. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field03/13/2015 12:16 PM08/27/2018 07:44 AM
typeHealth Information SoftwareHealth Information Software
nameCARE2XCARE2X
version2.22.2
filephpinfo.phpphpinfo.php
functionphpinfophpinfo
cvss2_vuldb_basescore5.05.0
cvss2_vuldb_tempscore5.05.0
cvss2_vuldb_avNN
cvss2_vuldb_acLL
cvss2_vuldb_auNN
cvss2_vuldb_ciPP
cvss2_vuldb_iiNN
cvss2_vuldb_aiNN
cvss3_meta_basescore5.35.3
cvss3_meta_tempscore5.35.3
cvss3_vuldb_basescore5.35.3
cvss3_vuldb_tempscore5.35.3
date1173863046 (03/14/2007)1173863046 (03/14/2007)
urlhttps://secunia.com/advisories/24481https://secunia.com/advisories/24481
price_0day$0-$5k$0-$5k
cveCVE-2007-1574CVE-2007-1574
cve_assigned11744352001174435200
cve_nvd_published11744352001174435200
cve_nvd_summaryCARE2X 2.2, and possibly earlier, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.CARE2X 2.2, and possibly earlier, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
osvdb3404434044
osvdb_create11738627271173862727
osvdb_titleCARE2X phpinfo.php Direct Request Information DisclosureCARE2X phpinfo.php Direct Request Information Disclosure
secunia2448124481
secunia_titleCARE2X File Inclusion and Information ExposureCARE2X File Inclusion and Information Exposure
secunia_riskHighly CriticalHighly Critical
seealso35621 85275 85276 85277 85278 85279 85280 85281 85282 85283 85284 85285 85286 85287 85288 8528935621 85275 85276 85277 85278 85279 85280 85281 85282 85283 85284 85285 85286 85287 85288 85289
risk11
locationWebsiteWebsite
cvss2_vuldb_eNDND
cvss2_vuldb_rlNDND
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlXX
cvss3_vuldb_rcXX
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prNN
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iNN
cvss3_vuldb_aNN
cvss2_nvd_avN
cvss2_nvd_acL
cvss2_nvd_auN
cvss2_nvd_ciP
cvss2_nvd_iiN
cvss2_nvd_aiN
secunia_date1173823200 (03/13/2007)

Do you want to use VulDB in your project?

Use the official API to access entries easily!