https://www.exploit-db.com/exploits/23526
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200401-044

PHPGEDVIEW2.61版本中的admin.php存在漏洞。远程攻击者可以通过带有phpinfo命令的action参数来获取敏感信息。

source: http://www.securityfocus.com/bid/9371/info

PhpGedView allows remote users to access information displayed by the phpinfo() function. This may disclose sensitive information about the environment the software runs in.

This issue is reported to affect PhpGedView 2.61. Other versions are also likely affected.

http://www.example.com/phpgedview_folder/admin.php?action=phpinfo

来源:BUGTRAQ
名称:20040106VulninPHPGEDVIEW2.61Multi-Problem
链接:http://marc.theaimsgroup.com/?l=bugtraq&m;=107340840209453&w;=2
来源:XF
名称:phpgedview-admin-info-disclosure(14162)
链接:http://xforce.iss.net/xforce/xfdb/14162
来源:BID
名称:9371
链接:http://www.securityfocus.com/bid/9371
来源:OSVDB
名称:3404
链接:http://www.osvdb.org/3404
来源:SECUNIA
名称:10565
链接:http://secunia.com/advisories/10565