Description

phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for themes/darkblue_orange/layout.inc.php, which reveals the path in an error message.

Remediation

References

CVE-2007-0095

Related Vulnerabilities

Moodle Improper Input Validation Vulnerability (CVE-2013-2083)

Drupal Other Vulnerability (CVE-2016-3167)

WordPress Plugin Hitasoft FLV Player 'id' Parameter SQL Injection (1.1)

Dolibarr Improper Authentication Vulnerability (CVE-2017-8879)

WordPress Plugin Events Manager Cross-Site Scripting (5.8.1.3)

Severity

Medium

Classification

CVE-2007-0095

Tags

Missing Update Known Vulnerabilities