Stack Trace Disclosure (PHP)
Severity:
Low
Summary
Invicti identified a stack trace disclosure (PHP) in the target web server's HTTP response.
Impact
An attacker can obtain information such as:
- PHP version.
- Physical file path of PHP files.
- Information about the generated exception and possibly source code, SQL queries, etc.
Remediation
Apply following changes on your php.ini file to prevent information leakage by applying custom error pages.
display_errors = Off
If you want to set it within PHP code, you can use the following code:ini_set('display_errors', 'Off');
Required Skills for Successful Exploitation
Actions To Take
Classifications
Vulnerability Index
You can search and find all vulnerabilities
Select Category
Select Vulnerability
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Select Vulnerability
Featured resources
Build your resistance to threats. And save hundreds of hours each month.
