Red Hat Bugzilla – Bug 1302685
CVE-2016-2044 phpMyAdmin: Full path disclosure vulnerability in SQL parser (PMASA-2016-8)
Last modified: 2016-11-28 09:48:13 EST
By calling a particular script that is part of phpMyAdmin in an unexpected
way, it is possible to trigger phpMyAdmin to display a PHP error message
which contains the full path of the directory where phpMyAdmin is installed.
Created phpMyAdmin tracking bugs for this issue:
Affects: fedora-all [bug 1302790]
Affects: epel-all [bug 1302791]
phpMyAdmin-4.5.4-1.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
phpMyAdmin-126.96.36.199-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.