phpMyAdmin 'show_config_errors.php' Full Path Information Disclosure Vulnerability

phpMyAdmin is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

phpMyAdmin 3.x 'show_config_errors.php'完整路径信息泄露漏洞

BUGTRAQ ID: 52858 CVE ID: CVE-2012-1902 phpMyAdmin是一个用PHP编写的，可以通过web方式控制和操作MySQL数据库。 phpMyAdmin在实现上存在安全漏洞，showconfigerrors.php没有验证配置文件的存在，因此错误信息中显示该文件的完整路径，导致信息泄露。 0 phpMyAdmin 3.x 厂商补丁： phpMyAdmin ---------- phpMyAdmin已经为此发布了一个安全公告（PMASA-2012-2）以及相应补丁: PMASA-2012-2：PMASA-2012-2...

[ MDVSA-2012:050 ] phpmyadmin

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:050 http://www.mandriva.com/security/ Package : phpmyadmin Date : April 3, 2012 Affected: Enterprise Server 5.0 Problem Description: Multiple vulnerabilities has been found and corrected in phpmyadmin: It wa...

CVE-2012-1902

showconfigerrors.php in phpMyAdmin 3.4.x before 3.4.10.2, when a configuration file does not exist, allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message about this missing file...