I was bored tonight and i remember using invisionboards message board on my site before. Once of the exploits with it was the phpinfo.php file. All you had to do was go to that file and it would give someone just about anything they need. Me being my curious self just typed in "phpinfo.php" on google and up popped 14,000 files.
here is a good example of how open this leaves boards to. http://laughingsquid.com/phpinfo.php
gives paths, server info, and all the configuration settings. I didn't go any further (yet) with this but isn't that a little unsecure? I'm not that good with message board stuff, it just caught my eye.
Anybody got some info or feedback to go along with this? I'de be interested to see what some of you have to say about it.