Description
phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to obtain sensitive information via an array-typed js_frame parameter to phpmyadmin.css.php, which reveals the installation path in an error message.
Remediation
References
Related Vulnerabilities
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-1830)
Drupal Core 5.x Arbitrary Code Execution (5.0 - 5.2)
WordPress Plugin WP Post to PDF Cross-Site Scripting (2.3.1)
WordPress Plugin Power Zoomer Arbitrary File Upload (1.2)
Oracle Application Server Improper Authentication Vulnerability (CVE-2002-0563)