show_config_errors.php in phpMyAdmin 3.5.x prior to 3.5.2.1 allows remote malicious users to obtain sensitive information via a direct request, which reveals the installation path in an error message, related to lack of inclusion of the common.inc.php library file.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpmyadmin phpmyadmin 3.5.0.0 |
||
phpmyadmin phpmyadmin 3.5.1.0 |
||
phpmyadmin phpmyadmin 3.5.2.0 |