Description
The SQL install script in phpMyAdmin 2.6.2 is created with world-readable permissions, which allows local users to obtain the initial database password by reading the script.
Remediation
References
Related Vulnerabilities
WordPress Plugin wp-buddha-free-adwords Security Bypass (1.0.0)
Drupal Core 5.x Multiple Vulnerabilities (5.0 - 5.7)
WordPress Plugin WP Jobs SQL Injection (1.4)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2146)
WordPress Plugin Easy Forms for MailChimp Cross-Site Scripting (6.1.2)