Mysql Server · Phpmyadmin · CVE-2008-1567
**Name of the Vulnerable Software and Affected Versions**
phpMyAdmin versions prior to 2.11.5.1
**Description**
The issue allows local users to obtain sensitive information, including the MySQL `username`, `password`, and the `Blowfish` secret key, which are stored in cleartext in a Session file under /tmp.
**Recommendations**
For versions prior to 2.11.5.1, update to version 2.11.5.1 or later to resolve the issue.