Unrated severityNVD Advisory· Published Aug 19, 2009· Updated Jun 16, 2026
CVE-2008-6999
CVE-2008-6999
Description
phpAuction 3.2, and possibly 3.3.0 GPL Basic edition, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:phpauction:phpauction:3.2:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:phpauction:phpauction:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:phpauction:phpauction:3.3.0:*:gpl_basic:*:*:*:*:*
- (no CPE)range: 3.2, possibly 3.3.0 GPL Basic edition
Patches
Vulnerability mechanics
References
4- osvdb.org/47939nvdExploit
- packetstorm.linuxsecurity.com/0809-exploits/phpauction32-rfi.txtnvdExploit
- secunia.com/advisories/31803nvdVendor Advisory
- exchange.xforce.ibmcloud.com/vulnerabilities/44936nvd
News mentions
0No linked articles in our index yet.