Description

phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to pmd_common.php and other files.

Remediation

References

CVE-2013-4998

Related Vulnerabilities

phpBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-11767)

Oracle JRE CVE-2013-0430 Vulnerability (CVE-2013-0430)

WordPress Plugin W4 Post List Cross-Site Scripting (2.4.4)

WordPress Plugin Paid Memberships Pro-Restrict Member Access to Content, Courses, Communities-Free or Paid Subscriptions SQL Injection (2.9.7)

WordPress Plugin User Profile Builder-Beautiful User Registration Forms, User Profiles & User Role Editor 'key' Parameter Security Bypass (1.1.24)

Severity

Medium

Classification

CVE-2013-4998 CWE-200

Tags

Missing Update Known Vulnerabilities