Ripe Website Manager 0.8.9 and earlier allows remote attackers to obtain configuration information via a direct request to includes/phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
https://exchange.xforce.ibmcloud.com/vulnerabilities/35200
http://www.securityfocus.com/bid/24722