Phpsysinfo · Phpsysinfo · CVE-2003-0536
Name of the Vulnerable Software and Affected Versions:
phpSysInfo versions 2.1 and earlier
Description:
The issue allows attackers with write access to a local directory to read arbitrary files as the PHP user or cause a denial of service. This is achieved via .. (dot dot) sequences in the `template` or `lng` parameters.
Recommendations:
For phpSysInfo versions 2.1 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.