CVE-2016-2044
CVE-2016-2044
libraries/sql-parser/autoload.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.htmlhttps://github.com/phpmyadmin/phpmyadmin/commit/c57d3cc7b97b5f32801032f7bb222297aa97dfeahttp://www.phpmyadmin.net/home_page/security/PMASA-2016-8.php