Phase:Advanced Poll 2.0.2 allows remote attackers to obtain sensitive information via an HTTP request to info.php, which invokes the phpinfo() function.
ReferencesBUGTRAQ:Saturday, October 25, 2003 Advanced Poll : PHP Code Injection, File Include, Phpinfo | URL:http://www.securityfocus.com/archive/1/342493 | VULNWATCH:Saturday, October 25, 2003 Advanced Poll : PHP Code Injection, File Include, Phpinfo | URL:http://archives.neohapsis.com/a
Votes:Assigned (Wednesday, May 04, 2005)
Comments:None (candidate not yet proposed)
F7: