PHP info page disclosure

phpinfo() is a debug functionality that prints out detailed information on both the system and the PHP configuration. Step to reproduce: Go here: https://mysmartplans.gsa.gov/phpinfo.php An attacker can obtain information such as: Exact PHP version. Exact OS and its version. Details of the PHP configuration. Internal IP addresses. Server environment variables. Loaded PHP extensions and their configurations and etc. ## Impact This information can help an attacker gain more information on the system. After gaining detailed information, the attacker can research known vulnerabilities for that system under review. The attacker can also use this information during the exploitation of other vulnerabilities.