Description

One or more phpinfo() pages were found. The phpinfo() function exposes a large amount of information about the PHP configuration and that of its environment. This includes information about PHP compilation options and extensions, the PHP version, server information, OS version information, paths, master and local values of configuration options, HTTP headers, and the PHP License.

Remediation

Remove either the call to the phpinfo() function from the file(s), or the file(s) itself.

References

PHP phpinfo

Related Vulnerabilities

Documentation files

WordPress Plugin Shopping Cart & eCommerce Store Information Disclosure (2.0.5)

WordPress 3.7.x Multiple Vulnerabilities (3.7 - 3.7.14)

WordPress Plugin Backup & Restore Dropbox Multiple Vulnerabilities (1.4.7.5)

WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.2)

Severity

Medium

Classification

CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Information Disclosure Test Files