Description

phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for themes/darkblue_orange/layout.inc.php, which reveals the path in an error message.

Remediation

References

CVE-2007-0095

Related Vulnerabilities

WordPress Plugin JW Player 6 Cross-Site Scripting (2.1.14)

WordPress Plugin All in One Webmaster Cross-Site Request Forgery (8.2.3)

PHP Use of Externally-Controlled Format String Vulnerability (CVE-2006-0200)

Jetty Insufficient Session Expiration Vulnerability (CVE-2021-34428)

WordPress Plugin Free Live Chat Support Cross-Site Request Forgery (1.0.11)

Severity

Medium

Classification

CVE-2007-0095

Tags

Missing Update Known Vulnerabilities