5
CVSSv2

CVE-2016-2044

Published: 20/02/2016 Updated: 17/08/2016
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

libraries/sql-parser/autoload.php in the SQL parser in phpMyAdmin 4.5.x prior to 4.5.4 allows remote malicious users to obtain sensitive information via a crafted request, which reveals the full path in an error message.

Affected Products

Vendor Product Versions
PhpmyadminPhpmyadmin4.5.0, 4.5.0.1, 4.5.0.2, 4.5.1, 4.5.2, 4.5.3
FedoraprojectFedora22, 23