The installation procedure for Invision Board suggests that users install the phpinfo.php program under the web root, which leaks sensitive information such as absolute pathnames, OS information, and PHP settings.
Invision Power Services Invision Board 1.0.1
Invision Power Services Invision Board 1.0
Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: Remove the phpinfo.php file from the web server.