Description
phpMyAdmin before 3.4.0-beta1 allows remote attackers to bypass authentication and obtain sensitive information via a direct request to phpinfo.php, which calls the phpinfo function.
Remediation
References
Related Vulnerabilities
Joomla! Core 2.5.x Security Bypass (2.5.0 - 2.5.2)
Drupal Core 4.6.x Cross-Site Scripting (4.6.0 - 4.6.3)
WordPress Plugin Booster for WooCommerce Multiple Cross-Site Request Forgery Vulnerabilities (6.0.0)
SharePoint CVE-2025-21400 Vulnerability (CVE-2025-21400)
WordPress Plugin Wp Cookie Choice Cross-Site Request Forgery (1.1.0)