Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSDA81161D2-790F-11E1-AC16-E0CB4E266481
HistoryMar 28, 2012 - 12:00 a.m.

phpMyAdmin -- Path disclosure due to missing verification of file presence

2012-03-2800:00:00
vuxml.freebsd.org
34

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

EPSS

0.007

Percentile

79.8%

JSON

The phpMyAdmin development team reports:

The show_config_errors.php scripts did not validate the presence
of the configuration file, so an error message shows the full path
of this file, leading to possible further attacks. For the error
messages to be displayed, php.ini’s error_reporting must be set to
E_ALL and display_errors must be On (these settings are not
recommended on a production server in the PHP manual).

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchphpmyadmin< 3.4.10.2UNKNOWN

Related

debiancve 1
nessus 5
nvd 1
phpmyadmin 1
prion 1
openvas 9
veracode 1
ubuntucve 1
seebug 1
cvelist 1
cve 1
fedora 3
securityvulns 2
debiancve
debiancve
CVE-2012-1902
2012-04-06 19:55:01
nessus
nessus
FreeBSD : phpMyAdmin -- Path disclosure due to missing verification of file presence (a81161d2-790f-11e1-ac16-e0cb4e266481)
2012-03-29 00:00:00
openSUSE Security Update : phpMyAdmin (openSUSE-SU-2012:0494-1)
2014-06-13 00:00:00
Fedora 15 : phpMyAdmin-3.5.0-1.fc15 (2012-5631)
2012-05-01 00:00:00
nvd
nvd
CVE-2012-1902
2012-04-06 19:55:01
phpmyadmin
phpmyadmin
Path disclosure due to missing verification of file presence.
2012-03-28 00:00:00
prion
prion
Design/Logic Flaw
2012-04-06 19:55:00
openvas
openvas
FreeBSD Ports: phpMyAdmin
2012-04-30 00:00:00
FreeBSD Ports: phpMyAdmin
2012-04-30 00:00:00
phpMyAdmin Information Disclosure Vulnerability (PMASA-2012-2) - Active Check
2012-04-17 00:00:00
veracode
veracode
Path Information Disclosure
2017-07-20 06:15:23
ubuntucve
ubuntucve
CVE-2012-1902
2012-04-06 00:00:00
seebug
seebug
phpMyAdmin 3.x 'show_config_errors.php'完整路径信息泄露漏洞
2012-05-03 00:00:00
cvelist
cvelist
CVE-2012-1902
2012-04-06 19:00:00
cve
cve
CVE-2012-1902
2012-04-06 19:55:01
fedora
fedora
[SECURITY] Fedora 17 Update: phpMyAdmin-3.5.0-1.fc17
2012-05-02 04:49:15
[SECURITY] Fedora 15 Update: phpMyAdmin-3.5.0-1.fc15
2012-05-01 00:49:16
[SECURITY] Fedora 16 Update: phpMyAdmin-3.5.0-1.fc16
2012-05-01 00:55:48
securityvulns
securityvulns
[ MDVSA-2012:050 ] phpmyadmin
2012-04-09 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2012-04-09 00:00:00

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

EPSS

0.007

Percentile

79.8%

JSON
Related for A81161D2-790F-11E1-AC16-E0CB4E266481
debiancve1nessus5nvd1phpmyadmin1prion1openvas9veracode1ubuntucve1seebug1cvelist1cve1fedora3securityvulns2