Description

phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for themes/darkblue_orange/layout.inc.php, which reveals the path in an error message.

Remediation

References

CVE-2007-0095

Related Vulnerabilities

WordPress Plugin Age Gate Unspecified Vulnerability (2.18.5)

phpBB Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-11767)

Dolibarr Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2019-1010054)

WordPress Plugin Wonder Video Embed Cross-Site Scripting (1.7)

PHP Resource Management Errors Vulnerability (CVE-2012-0830)

Severity

Medium

Classification

CVE-2007-0095

Tags

Missing Update Known Vulnerabilities