CVE-2008-6771

Name of the Vulnerable Software and Affected Versions: YourPlace versions 1.0.2 and earlier

Description: The issue allows remote attackers to obtain sensitive system information. This is achieved by making a direct request to the "user/uploads/phpinfo.php" endpoint, which calls the phpinfo() function, potentially exposing critical system details.

Recommendations: For versions 1.0.2 and earlier, consider restricting access to the "user/uploads/phpinfo.php" endpoint to prevent unauthorized disclosure of system information. As a temporary workaround, removing or disabling the phpinfo() function call in this endpoint can help mitigate the risk until a more permanent fix is applied.