CyberSec.Space Logo
Back to CVE Browser

CVE-2011-3773

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.1490%
EPSS Percentile3.23th
PublishedSep 24, 2011
Last ModifiedApr 29, 2026

Vulnerability Description

PHPDevShell 3.0.0-Beta-4b allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by gzip.php.

Affected Platforms (CPE)

πŸ“¦
Phpdevshell

Phpdevshell

= 3.0.0

References & Advisories

πŸ”— http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README
πŸ”— http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/PHPDevShell-V3.0.0-Beta-4b
πŸ”— http://www.openwall.com/lists/oss-security/2011/06/27/6
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/70599
πŸ”— http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README
πŸ”— http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/PHPDevShell-V3.0.0-Beta-4b
πŸ”— http://www.openwall.com/lists/oss-security/2011/06/27/6
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/70599

Related Vulnerabilities

CVE-2007-618610.0

Unspecified vulnerability in PHPDevShell before 0.7.0 has unknown impact and attack vectors, involving a "minor security bug in re...

CVE-2007-61748.5

PHPDevShell before 0.7.0 allows remote authenticated users to gain privileges via a crafted request to update a user profile. NOT...

CVE-2011-262810.0

Opera before 11.11 does not properly implement FRAMESET elements, which allows remote attackers to execute arbitrary code or cause...

CVE-2011-007410.0

Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.19 and 3.6.x before 3.6.17, Thunderbird before...