phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain the full path of the server via direct requests to multiple scripts in the libraries directory.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Phpmyadmin | Phpmyadmin | 2.5.2_pl1 | 2.5.2_pl1 |
Phpmyadmin | Phpmyadmin | 2.6.2_pl1 | 2.6.2_pl1 |
Phpmyadmin | Phpmyadmin | 2.6.1_pl3 | 2.6.1_pl3 |
Phpmyadmin | Phpmyadmin | 2.6.0_pl3 | 2.6.0_pl3 |
Phpmyadmin | Phpmyadmin | 2.5.7_pl1 | 2.5.7_pl1 |
Phpmyadmin | Phpmyadmin | 2.6.4_pl3 | 2.6.4_pl3 |
Phpmyadmin | Phpmyadmin | 2.5.4 | 2.5.4 |
Phpmyadmin | Phpmyadmin | 2.5.3 | 2.5.3 |
Phpmyadmin | Phpmyadmin | 2.6.4_pl4 | 2.6.4_pl4 |
Phpmyadmin | Phpmyadmin | 2.5.6_rc2 | 2.5.6_rc2 |
Phpmyadmin | Phpmyadmin | 2.2.0 | 2.2.0 |
Phpmyadmin | Phpmyadmin | 2.2.7_pl1 | 2.2.7_pl1 |
Phpmyadmin | Phpmyadmin | 2.6.3_pl1 | 2.6.3_pl1 |
Phpmyadmin | Phpmyadmin | 2.7.0_beta1 | 2.7.0_beta1 |
Phpmyadmin | Phpmyadmin | 2.5.5_pl1 | 2.5.5_pl1 |