CVE-2005-4079
https://notcve.org/view.php?id=CVE-2005-4079
The register_globals emulation in phpMyAdmin 2.7.0 rc1 allows remote attackers to exploit other vulnerabilities in phpMyAdmin by modifying the import_blacklist variable in grab_globals.php, which can then be used to overwrite other variables. • http://secunia.com/advisories/17925 http://secunia.com/advisories/17957 http://secunia.com/advisories/18618 http://securityreason.com/securityalert/237 http://www.gentoo.org/security/en/glsa/glsa-200512-03.xml http://www.hardened-php.net/advisory_252005.110.html http://www.osvdb.org/21508 http://www.phpmyadmin.net/home_page/downloads.php?relnotes=0 http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-9 http://www.securityfocus.com/archive/1/418834/100/0/t •
CVE-2005-3622
https://notcve.org/view.php?id=CVE-2005-3622
phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain the full path of the server via direct requests to multiple scripts in the libraries directory. phpMyAdmin 2.7.0-beta1 y anteriores permiten a atacantes remotos obtener la ruta completa del servidor mediante peticiones directas a varios scripts en el directorio de bibliotecas. • http://marc.info/?l=bugtraq&m=113208319104035&w=2 http://securityreason.com/securityalert/185 http://securitytracker.com/id?1015213 http://www.fitsec.com/advisories/FS-05-02.txt http://www.osvdb.org/20911 http://www.osvdb.org/20912 http://www.osvdb.org/20913 http://www.osvdb.org/20914 •