Description
phpMyAdmin 3.5.x before 3.5.8.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to config.default.php and other files.
Remediation
References
Related Vulnerabilities
Squid Improper Input Validation Vulnerability (CVE-2010-0308)
WordPress Plugin DukaPress SQL Injection (2.5.9)
WordPress Plugin WP Admin UI Customize Cross-Site Scripting (1.5.2.6)
Drupal Core 8.x Security Bypass (8.0.0 - 8.5.5)
Apache Tomcat Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-4724)