CVE-2008-0149

Name of the Vulnerable Software and Affected Versions TUTOS version 1.3

Description The issue allows remote attackers to read system information via a direct request to "php/admin/phpinfo.php", which calls the phpinfo function.

Recommendations For TUTOS version 1.3, consider restricting access to the "php/admin/phpinfo.php" endpoint to minimize the risk of exploitation. As a temporary workaround, disabling the phpinfo function call in the affected endpoint can help mitigate the issue until a more permanent fix is available.