FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpmyadmin -- information disclosure vulnerability

Affected packages
phpmyadmin <
phpMyAdmin <


VuXML ID a7062952-9023-11d9-a22c-0001020eed82
Discovery 2005-02-22
Entry 2005-03-08

A phpMyAdmin security announcement reports:

By calling some scripts that are part of phpMyAdmin in an unexpected way (especially scripts in the libraries subdirectory), it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed.

Mitigation factor: This path disclosure is possible on servers where the recommended setting of the PHP configuration directive display_errors is set to on, which is against the recommendations given in the PHP manual.


CVE Name CVE-2005-0544