Description

The PHP Debug Bar was found in the web application. Usage of the PHP Debug Bar should be avoided in production and strictly configured in a development environment, as it discloses sensitive information about the web application

Remediation

Disable the PHP Debug Bar or restrict access to it

References

PHP Debug Bar

Related Vulnerabilities

WordPress Plugin Import all XML, CSV & TXT into WordPress Information Disclosure (3.6.74)

WordPress Plugin Google Doc Embedder Arbitrary File Disclosure (2.4.6)

PHP opcache-status page publicly accessible

JBoss Seam remoting vulnerabilities

WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-0191)

Severity

Medium

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

Tags

Information Disclosure