Page 11 of 54 results (0.012 seconds)

CVSS: 5.0EPSS: 0%CPEs: 36EXPL: 1

phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct request to select_lang.lib.php, which reveals the path in a PHP error message. • http://securitytracker.com/id?1013210 •

CVSS: 5.0EPSS: 1%CPEs: 29EXPL: 2

Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in the what parameter. Vulnerabilidad de atravesamiento de directorios en export.php en phpMyAdmin 2.5.5 y anteriores permite a atacantes remotos leer ficheros arbitrarios mediante secuencias .. (punto punto) en el parámetro what • https://www.exploit-db.com/exploits/23640 http://marc.info/?l=bugtraq&m=107582619125932&w=2 http://secunia.com/advisories/10769 http://security.gentoo.org/glsa/glsa-200402-05.xml http://sourceforge.net/forum/forum.php?forum_id=350228 http://www.osvdb.org/3800 http://www.phpmyadmin.net/home_page/relnotes.php?rel=0 http://www.securityfocus.com/bid/9564 https://exchange.xforce.ibmcloud.com/vulnerabilities/15021 •

CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0

phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute arbitrary commands by inserting them into (1) the strCopyTableOK argument in tbl_copy.php, or (2) the strRenameTableOK argument in tbl_rename.php. • http://freshmeat.net/redir/phpmyadmin/8001/url_changelog http://www.securityfocus.com/archive/1/200596 http://www.securityfocus.com/bid/3121 •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

Directory traversal vulnerability in phpMyAdmin 2.2.0 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script. • http://archives.neohapsis.com/archives/bugtraq/2001-04/0396.html http://www.securityfocus.com/bid/2642 •