Description

phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct request to select_lang.lib.php, which reveals the path in a PHP error message.

Remediation

References

CVE-2005-0459

Related Vulnerabilities

WordPress Plugin Custom Dashboard & Login Page-AGCA Multiple Unspecified Vulnerabilities (1.5.4.2)

WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker SQL Injection (9.0.1)

WordPress Plugin Adsense Extreme 'adsensextreme[lang]' Parameter Remote File Include (1.0.3)

WordPress 4.1.x Multiple Vulnerabilities (4.1 - 4.1.12)

WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.8)

Severity

Medium

Classification

CVE-2005-0459

Tags

Missing Update Known Vulnerabilities