Description

phpmyadmin.css.php in phpMyAdmin 3.4.x before 3.4.6 allows remote attackers to obtain sensitive information via an array-typed js_frame parameter to phpmyadmin.css.php, which reveals the installation path in an error message.

Remediation

References

CVE-2011-3646

Related Vulnerabilities

WordPress Plugin Inline Tweet Sharer-Twitter Sharing Cross-Site Scripting (2.5.3)

Oracle JRE CVE-2011-3546 Vulnerability (CVE-2011-3546)

WordPress Plugin WP-PostViews Cross-Site Request Forgery (1.62)

WordPress Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2003-1599)

MySQL CVE-2018-2762 Vulnerability (CVE-2018-2762)

Severity

Medium

Classification

CVE-2011-3646 CWE-20

Tags

Missing Update Known Vulnerabilities