Description

The PHP Console server library was found in the web application. Usage of the PHP Console should be avoided in production and strictly configured in a development environment, as it may disclose sensitive information about the web application

Remediation

Disable the PHP Console or restrict access to it

References

PHP Console addon

Related Vulnerabilities

WordPress Plugin Simply Static Arbitrary File Download (1.6.2)

Joomla! Core 1.5.x Information Disclosure (1.5.0 - 1.5.14)

Drupal Core 8.9.x Information Disclosure (8.9.0 - 8.9.5)

WordPress Plugin Slideshow Gallery LITE Multiple Vulnerabilities (1.5.1)

PostgreSQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-7484)

Severity

Medium

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure