PHP Leaking Login Info To The World

Check this url:
http://host1-cite.citeglobe.com/info.php
or
http://www.erserver.com/phpinfo.php

Go down to or search for
_ENV["USER"]
and
_ENV["GROUP"]

I am not sure why PHP is leaking important info to the world. It is extremely. It is so easy for any script to get access of all system data, thinking about a shared hosting enviroment.

 

 

 

 

Top