Never include system configuration information in the public error messages.

How to perform the test?

1. Make sure a line "$DBDebug = false" exists in in the database connection file "/bitrix/php_interface/dbconn.php". This will prevent showing the SQL errors.
2. Open "Settings > System Settings > Module Settings", select "Kernel" in the drop-down list. Click the "Settings" tab. Check that the "Error report mode" option is "None". Alternatively, open the PHP settings form ("Settings > Tools > PHP Settings"). The "display_errors" parameters must be set to "Off".