Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information via an invalid categup parameter to index.php, which calls the phpinfo function.

More... (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5322)