phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain the full path of the server via direct requests to multiple scripts in the libraries directory.Referenceshttp://marc.info/?l=bugtraq&m=113208319104035&w=2http://securityreason.com/securityalert/185http://www.osvdb.org/20914http://www.osvdb.org/20912http://securitytracker.com/id?1015213http://www.fitsec.com/advisories/FS-05-02.txthttp://www.osvdb.org/20911http://www.osvdb.org/20913
