{"id":"CVE-2016-2044","details":"libraries/sql-parser/autoload.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message.","modified":"2026-05-17T11:54:25.671198209Z","published":"2016-02-20T01:59:07.563Z","related":["openSUSE-SU-2024:10054-1"],"database_specific":{"unresolved_ranges":[{"source":"CPE_FIELD","extracted_events":[{"last_affected":"22"},{"last_affected":"23"}],"vendor_product":"fedoraproject:fedora","cpes":["cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*","cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*"]}]},"references":[{"type":"ADVISORY","url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176483.html"},{"type":"ADVISORY","url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176739.html"},{"type":"FIX","url":"http://www.phpmyadmin.net/home_page/security/PMASA-2016-8.php"},{"type":"FIX","url":"https://github.com/phpmyadmin/phpmyadmin/commit/c57d3cc7b97b5f32801032f7bb222297aa97dfea"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}]}