Description
phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information via a direct request for themes/darkblue_orange/layout.inc.php, which reveals the path in an error message.
Remediation
References
Related Vulnerabilities
Drupal Core 6.x Cross-Site Scripting (6.0 - 6.11)
WordPress Plugin Timetable and Event Schedule by MotoPress Cross-Site Scripting (2.3.18)
Apache HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-22721)
Jboss EAP Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2017-2670)
WordPress Plugin Mobile Device Detection by 51Degrees Cross-Site Scripting (3.1.5.2)