Namiltd

**Name of the Vulnerable Software and Affected Versions** Phpsysinfo version 3.4.3 **Description** A Cross Site Request Forgery (CSRF) issue allows a remote attacker to obtain sensitive information via a crafted page in the XML.php file. The functionality is disabled by default in Phpsysinfo 3.4.3, but users may enable the vulnerable functionality. **Recommendations** For Phpsysinfo version 3.4.3, consider disabling the vulnerable functionality related to the XML.php file until a patch is available. As a temporary workaround, restrict access to the XML.php file to minimize the risk of exploitation.