CVE-2014-8961
EPSS 1.4%
Description
Directory traversal vulnerability in libraries/error_report.lib.php in the error-reporting feature in phpMyAdmin 4.1.x before 4.1.14.7 and 4.2.x before 4.2.12 allows remote authenticated users to obtain potentially sensitive information about a file's line count via a crafted parameter.
How to fix CVE-2014-8961
To remediate CVE-2014-8961, upgrade the affected package to a fixed version below.
- Debian/phpmyadmin—upgrade to 4:4.2.12-1 or later
Is CVE-2014-8961 being exploited?
Low — EPSS is 1.4%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 4:4.2.12-1