6.3 Medium
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
72.8%
HUBScript 1.0 allows remote attackers to obtain configuration information via a direct request to manage/phpinfo.php, which calls the phpinfo function.
osvdb.org/55962
packetstormsecurity.org/0907-exploits/hubscript-xssphpinfo.txt
secunia.com/advisories/35895
exchange.xforce.ibmcloud.com/vulnerabilities/51830