server_user_groups.php in phpMyAdmin 4.1.x before 4.1.14.2 and 4.2.x before 4.2.6 allows remote authenticated users to bypass intended access restrictions and read the MySQL user list via a viewUsers request.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Opensuse | Opensuse | 12.3 | 12.3 |
Opensuse | Opensuse | 13.1 | 13.1 |
Phpmyadmin | Ubuntu | lucid | * |
Phpmyadmin | Ubuntu | precise | * |
Phpmyadmin | Ubuntu | trusty | * |
Phpmyadmin | Ubuntu | trusty/esm | * |
Phpmyadmin | Ubuntu | upstream | * |