7 matches found
phpMyAdmin 4.0.0 < 4.0.10.12 / 4.4.0 < 4.4.15.2 / 4.5.0 < 4.5.3.1 Information Disclosure (PMASA-2015-6)
According to its self-reported version, the phpMyAdmin application hosted on the remote web server is 4.0.x prior to 4.0.10.12, 4.4.x prior to 4.4.15.2, or 4.5.x prior to 4.5.3.1. It is, therefore, affected by an information disclosure vulnerability: - libraries/config/messages.inc.php in...
openSUSE Security Update : phpMyAdmin (openSUSE-2016-13)
phpMyAdmin was updated to 4.4.15.2 to fix one security issue and one non-security bug. The following vulnerability was fixed : - CVE-2015-8669: It was possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed boo96028...
Mageia: Security Advisory (MGASA-2016-0002)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-8669
libraries/config/messages.inc.php in phpMyAdmin 4.0.x before 4.0.10.12, 4.4.x before 4.4.15.2, and 4.5.x before 4.5.3.1 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message...
CVE-2015-8669
libraries/config/messages.inc.php in phpMyAdmin 4.0.x before 4.0.10.12, 4.4.x before 4.4.15.2, and 4.5.x before 4.5.3.1 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message...
CVE-2015-8669
PHPMyAdmin vulnerable component: libraries/config/messages.inc.php. Affected versions: 4.0.x before 4.0.10.12, 4.4.x before 4.4.15.2, and 4.5.x before 4.5.3.1. Root cause: information disclosure via crafted requests that trigger error messages revealing the full installation path. Impact: partial...
CVE-2015-8669
libraries/config/messages.inc.php in phpMyAdmin 4.0.x before 4.0.10.12, 4.4.x before 4.4.15.2, and 4.5.x before 4.5.3.1 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message...