Description

phpMyAdmin 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to Error.class.php and Error_Handler.class.php.

Remediation

References

CVE-2013-4999

Related Vulnerabilities

WordPress Plugin Titan Framework Cross-Site Scripting (1.12.1)

Liferay Portal Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2025-62251)

Internet Information Services Other Vulnerability (CVE-2000-0413)

WordPress 3.8.x Cross-Domain Flash Injection Vulnerability (3.8 - 3.8.24)

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42042)

Severity

Medium

Classification

CVE-2013-4999 CWE-200

Tags

Missing Update Known Vulnerabilities