CVE-2011-5144 Information

Description

Open Business Management (OBM) 2.4.0-rc13 and earlier allows remote attackers to obtain configuration information via a direct request to test.php which calls the phpinfo function.

Reference

http://osvdb.org/78009 http://secunia.com/advisories/47139 https://exchange.xforce.ibmcloud.com/vulnerabilities/71924 https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_obm.html