2007-10-18 10:00:00
mitre
PUBLISHED
soinfo.php in BadBlue 1.7.1 calls the phpinfo function, which allows remote attackers to gain sensitive information including ODBC passwords.