CVE-2013-4999 Information

Description

phpMyAdmin 4.0.x before 4.0.4.2 allows remote attackers to obtain sensitive information via an invalid request which reveals the installation path in an error message related to Error.class.php and Error_Handler.class.php.

Reference

http://www.phpmyadmin.net/home_page/security/PMASA-2013-12.php