Description
show_config_errors.php in phpMyAdmin 3.4.x before 3.4.10.2, when a configuration file does not exist, allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message about this missing file.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Reset-Most Advanced WordPress Reset Tool Cross-Site Scripting (1.86)
Oracle Database Server CVE-2010-0852 Vulnerability (CVE-2010-0852)
WordPress Plugin Smooth Scroll Page Up/Down Buttons Cross-Site Scripting (1.3)
WordPress Plugin Photo Gallery by Supsystic Multiple Vulnerabilities (1.8.5)
Jboss EAP Improper Input Validation Vulnerability (CVE-2010-3862)