CVE-2005-0459

phpMyAdmin <2.6.2-dev - Info Disclosure

Title source: llm
STIX 2.1

Description

phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct request to select_lang.lib.php, which reveals the path in a PHP error message.

References (1)

Core 1
Core References
Exploit, Vendor Advisory vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1013210

Scores

EPSS 0.0036
EPSS Percentile 58.4%

Details

Status published
Products (36)
phpmyadmin/phpmyadmin 2.0
phpmyadmin/phpmyadmin 2.0.1
phpmyadmin/phpmyadmin 2.0.2
phpmyadmin/phpmyadmin 2.0.3
phpmyadmin/phpmyadmin 2.0.4
phpmyadmin/phpmyadmin 2.0.5
phpmyadmin/phpmyadmin 2.1
phpmyadmin/phpmyadmin 2.1.1
phpmyadmin/phpmyadmin 2.1.2
phpmyadmin/phpmyadmin 2.2.2
... and 26 more
Published May 02, 2005
Tracked Since Feb 18, 2026