phpmyadmin
Page content
- Author: vmiklos
- Vulnerable: 2.11.5-1
- Unaffected: 2.11.5.1-1kalgan1
im Hermann has discovered a vulnerability in phpMyAdmin, which can potentially be exploited by malicious users to disclose sensitive information. The MySQL username, password, and the Blowfish secret key are stored as plain text in session files. This can potentially be exploited e.g. by users on shared hosts to access that information.
- Bug Tracker URL: http://bugs.frugalware.org/task/2917