Description
phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to obtain sensitive information via an array-typed js_frame parameter to phpmyadmin.css.php, which reveals the installation path in an error message.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Activity Log Cross-Site Request Forgery (4.1.3.2)
SharePoint CVE-2021-34468 Vulnerability (CVE-2021-34468)
MySQL CVE-2015-4737 Vulnerability (CVE-2015-4737)
WordPress Ultimate Member Plugin Improper Privilege Management Vulnerability (CVE-2020-36156)
WordPress Plugin U BuddyPress Forum Attachment 'fileurl' Parameter Remote File Disclosure (1.1.1)