Information disclosure

• Information disclosure in error messages

• Information disclosure on debug page

• Source code disclosure via backup files

• Authentication bypass via information disclosure