source: http://www.securityfocus.com/bid/7805/info Scripts that include the PHP phpinfo() debugging function may be prone to cross-site scripting attacks. This could permit remote attackers to create a malicious link to a vulnerable PHP script that includes hostile client-side script code or HTML. If this link is visited, the attacker-supplied code may be rendered in the browser of the user who visit the malicious link. http://www.example.com/info.php?variable=[code] where [code] equals hostile HTML or script code.
Related ExploitsTrying to match CVEs (1): CVE-2002-1954
Trying to match OSVDBs (1): 4619
Trying to match setup file: 2a4a963d79d97ea2725c860c77e908a2
Other Possible E-DB Search Terms: PHP 4, PHP