Hello all you UNAtarians. I receive warnings every few weeks from bug bounty hunters. They tell me that the phpinfo . php page makes the site vulnerable to exploitation.
Is this true? Should this page be hidden?
Absolutely.
If you want to keep it, add in the header.inc.php from UNA and check if is Admin, if not, die.
Here ya go, drop this in your site root. 😁
You'll have to be logged into your site as Admin to view it, otherwise it'll just be a blank nothing.
