{"id":"CVE-2012-4219","details":"show_config_errors.php in phpMyAdmin 3.5.x before 3.5.2.1 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message, related to lack of inclusion of the common.inc.php library file.","modified":"2026-01-27T04:11:18.565615Z","published":"2012-08-21T19:55:00Z","withdrawn":"2026-01-27T04:11:18.565615Z","related":["openSUSE-SU-2024:10054-1"],"references":[{"type":"ADVISORY","url":"http://www.phpmyadmin.net/home_page/security/PMASA-2012-3.php"},{"type":"EVIDENCE","url":"https://github.com/phpmyadmin/phpmyadmin/commit/0f0c2f1e2b3ece41cc1bb99a9931c8fcc7c917bc"},{"type":"WEB","url":"https://hermes.opensuse.org/messages/15513071"}],"schema_version":"1.7.3"}