vulnerability
phpMyAdmin: Information Exposure (CVE-2016-2038)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:P/I:N/A:N) | Feb 19, 2016 | May 4, 2017 | Mar 7, 2024 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
Feb 19, 2016
Added
May 4, 2017
Modified
Mar 7, 2024
Description
phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message.
Solution
phpmyadmin-upgrade-latest
References
- CVE-2016-2038
- https://attackerkb.com/topics/CVE-2016-2038
- URL-http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html
- URL-http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html
- URL-http://lists.opensuse.org/opensuse-updates/2016-02/msg00028.html
- URL-http://lists.opensuse.org/opensuse-updates/2016-02/msg00049.html
- URL-http://www.phpmyadmin.net/home_page/security/PMASA-2016-1.php
- URL-https://github.com/phpmyadmin/phpmyadmin/commit/447c88f4884fe30a25d38c331c31d820a19f8c93
- URL-https://github.com/phpmyadmin/phpmyadmin/commit/5aee5035646c4fc617564cb0d3d58c0435d64d81
- URL-https://github.com/phpmyadmin/phpmyadmin/commit/76b10187c38634a29d6780f99f6dcd796191073b
- URL-https://github.com/phpmyadmin/phpmyadmin/commit/85ccdbb5b9c6c7a9830e5cb468662837a59a7aa3
- URL-https://github.com/phpmyadmin/phpmyadmin/commit/d4b9c22c1f8465bda5b6a83dc7e2cf59c3fe44e1
- URL-https://github.com/phpmyadmin/phpmyadmin/commit/f83b52737e321005959497d8e8f59f8aaedc9048
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.