Description

phpMyAdmin 3.5.x before 3.5.8.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to config.default.php and other files.

Remediation

References

CVE-2013-5000

Related Vulnerabilities

MyBB CVE-2008-3070 Vulnerability (CVE-2008-3070)

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-4025)

WordPress Plugin Seed Social Cross-Site Scripting (2.0.3)

WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more Cross-Site Request Forgery (2.8.6)

Joomla URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2020-24598)

Severity

Medium

Classification

CVE-2013-5000 CWE-200

Tags

Missing Update Known Vulnerabilities