Description
Phpfastcache exposes phpinfo() if the "/vendor" directory is not protected from public access. It discloses sensitive information and an attacker could use it to conduct further attacks.
Remediation
Upgrade to the latest version of Phpfastcache
References
Related Vulnerabilities
WordPress Plugin WordPress File Upload Multiple Vulnerabilities (2.7.6)
WordPress Plugin JM Twitter Cards Information Disclosure (6.1)
XML External Entity Injection via external file
Apache Tomcat version older than 7.0.23
Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-4194)