0002071: A php info file is available for all users

ID	Project	Category	View Status	Date Submitted	Last Update

0002071	Xdebug	Code Coverage	public	2022-03-07 00:23	2022-03-07 15:51

Reporter	Hako	Assigned To	derick
Priority	low	Severity	minor	Reproducibility	always
Status	resolved	Resolution	no change required

Summary	0002071: A php info file is available for all users
Description	Hi I found that a page of phpinfo that contain a sensitive informations about the website infrastructure. So just go to https://xdebug.org/archives/xdebug-general/att-0782/phpinfo.htm to reproduce it
Steps To Reproduce	Go to https://xdebug.org/archives/xdebug-general/att-0782/phpinfo.htm and you will see the configuration file
Additional Information	An attacker can obtain information such as: Exact PHP version. Exact OS and its version. Details of the PHP configuration. Internal IP addresses. Server environment variables. Loaded PHP extensions and their configurations and etc.
Tags	No tags attached.

Operating System
PHP Version	8.0.10-8.0.19

Date Modified	Username	Field	Change
2022-03-07 00:23	Hako	New Issue
2022-03-07 15:51	derick	Assigned To	=> derick
2022-03-07 15:51	derick	Status	new => resolved
2022-03-07 15:51	derick	Resolution	open => no change required
2022-03-07 15:51	derick	Note Added: 0006232

derick 2022-03-07 15:51 administrator ~0006232	There is nothing sensitive in that file.