• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Invision Board PHPINFO.PHP Information Disclosure Vulnerability

Invision Board, in the suggestion installation, may disclose sensitive information to remote attackers.

The suggested installation procedure suggests that users include the 'phpinfo.php' script. This script provides information about the environment that the software is running in. If remote attackers access this script, this may disclose sensitive information which may assist in further attacks.