CVE-2013-5000

phpMyAdmin <3.5.8.2 - Info Disclosure

Title source: llm

Description

phpMyAdmin 3.5.x before 3.5.8.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to config.default.php and other files.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

http://www.phpmyadmin.net/home_page/security/PMASA-2013-12.php

Scores

EPSS 0.0025

EPSS Percentile 48.3%

Details

CWE

CWE-200

Status published

Products (12)

phpmyadmin/phpmyadmin 3.5.0.0

phpmyadmin/phpmyadmin 3.5.1.0

phpmyadmin/phpmyadmin 3.5.2.0

phpmyadmin/phpmyadmin 3.5.2.1

phpmyadmin/phpmyadmin 3.5.2.2

phpmyadmin/phpmyadmin 3.5.3.0

phpmyadmin/phpmyadmin 3.5.4

phpmyadmin/phpmyadmin 3.5.5

phpmyadmin/phpmyadmin 3.5.6

phpmyadmin/phpmyadmin 3.5.7 (2 CPE variants)

... and 2 more

Published Jul 31, 2013

Tracked Since Feb 18, 2026