CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS
Percentile
79.8%
The phpMyAdmin development team reports:
The show_config_errors.php scripts did not validate the presence
of the configuration file, so an error message shows the full path
of this file, leading to possible further attacks. For the error
messages to be displayed, php.iniâs error_reporting must be set to
E_ALL and display_errors must be On (these settings are not
recommended on a production server in the PHP manual).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | phpmyadmin | <Â 3.4.10.2 | UNKNOWN |