In default Apache/PHP configuration, the server sends HTTP Header with the information of which PHP version is running on the server. The HTTP response header “X-Powered-By” displays the version of PHP that is running on the server. This information can be used by hackers to try to exploit any vulnerabilities in the PHP version you are running, specially if you are running an older version with known vulnerabilities.
Sample HTTP Response Header:
HTTP/1.1 200 OK Date: Sun, 04 Nov 2012 07:24:47 GMT Server: Apache X-Powered-By: PHP/5.2.17 Vary: Accept-Encoding,Cookie