PT-2009-4860 · Siteframe · Siteframe

Published: 2009-07-13 · Updated: 2017-08-17 · CVE-2009-2443

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Siteframe versions 3.2.3 and other 3.2.x versions

Description: The issue allows remote attackers to obtain configuration information by making a direct request to 'phpinfo.php', which calls the phpinfo function. This provides sensitive details about the system configuration.

Recommendations: For Siteframe versions 3.2.3 and other 3.2.x versions, consider restricting access to the 'phpinfo.php' file to prevent unauthorized disclosure of configuration information. As a temporary workaround, remove or rename the 'phpinfo.php' file until a more permanent solution is available.

Exploit

Fix

Weakness Enumeration

Related Identifiers

CVE-2009-2443

Affected Products

Siteframe