CVE-2013-4998
EPSS 0.25%
Description
phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request, which reveals the installation path in an error message, related to pmd_common.php and other files.
How to fix CVE-2013-4998
To remediate CVE-2013-4998, upgrade the affected package to a fixed version below.
- Debian/phpmyadmin—upgrade to 4:4.0.4.2-1 or later
Is CVE-2013-4998 being exploited?
Low — EPSS is 0.3%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 4:4.0.4.2-1