phpinfo() Found

Impact: Medium


The phpinfo() method in the PHP programming language discloses a large amount of information about the PHP, extensions, server, and environments. Since different environments have a different setup, the phpinfo() can help to figure out the configurations. It can also facilitate the debugging process. Using this function call in the production environment can be dangerous because the provided information is valuable for attackers to develop their attack.


Remove the page or remove the phpinfo() function call.


Last updated on February 15, 2021

This issue is available in SmartScanner Professional

See Pricing