Description

phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for themes/darkblue_orange/layout.inc.php, which reveals the path in an error message.

Remediation

References

CVE-2007-0095

Related Vulnerabilities

WordPress Plugin WP Post Popup Directory Traversal (2.1.1)

WordPress Plugin Car Seller-Auto Classifieds Script SQL Injection (2.1.0)

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-8755)

MediaWiki Other Vulnerability (CVE-2005-0534)

WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Security Bypass (1.3.75)

Severity

Medium

Classification

CVE-2007-0095

Tags

Missing Update Known Vulnerabilities