CVE-2011-5144

Name of the Vulnerable Software and Affected Versions Open Business Management (OBM) versions 2.4.0-rc13 and earlier

Description The issue allows remote attackers to obtain configuration information by making a direct request to "test.php", which calls the phpinfo() function.

Recommendations For Open Business Management (OBM) versions 2.4.0-rc13 and earlier, consider restricting access to the "test.php" file to prevent unauthorized disclosure of configuration information. As a temporary workaround, removing or disabling the phpinfo() function call in "test.php" can help mitigate the risk until a more permanent solution is available.