Description

phpMyAdmin 3.5.x before 3.5.8.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to config.default.php and other files.

Remediation

References

CVE-2013-5000

Related Vulnerabilities

MediaWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-29907)

ownCloud Other Vulnerability (CVE-2015-5954)

Oracle JRE CVE-2024-20919 Vulnerability (CVE-2024-20919)

WordPress Plugin WP-Filebase Download Manager Multiple Unspecified Vulnerabilities (0.2.9.24)

phpList Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-4246)

Severity

Medium

Classification

CVE-2013-5000 CWE-200

Tags

Missing Update Known Vulnerabilities