Description

phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence of the (1) README, (2) ChangeLog, and (3) LICENSE files, which allows remote attackers to obtain the installation path via a direct request for a nonexistent file.

Remediation

References

CVE-2011-0986

Related Vulnerabilities

MediaWiki CVE-2021-30159 Vulnerability (CVE-2021-30159)

WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Security Bypass (2.1.5)

Moodle Exposure of Resource to Wrong Sphere Vulnerability (CVE-2017-7490)

WordPress Plugin Browser and Operating System Finder Cross-Site Request Forgery (1.1)

Perl Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-12814)

Severity

Medium

Classification

CVE-2011-0986 CWE-20

Tags

Missing Update Known Vulnerabilities