Insecure Installation Procedure Exposes Sensitive Information in Invision Board

Insecure Installation Procedure Exposes Sensitive Information in Invision Board

CVE-2002-1149 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

The installation procedure for Invision Board suggests that users install the phpinfo.php program under the web root, which leaks sensitive information such as absolute pathnames, OS information, and PHP settings.

Learn more about our Web App Pen Testing.