Wysi Wiki Wyg 1.0 allows remote malicious users to obtain system information via an invalid categup parameter to index.php, which calls the phpinfo function.
easy-script wysi wiki wyg 1.0