CVE-2006-6943
phpMyAdmin 2.x - Multiple Script Array Handling Full Path Disclosures
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
PhpMyAdmin before 2.9.1.1 allows remote attackers to obtain the full server path via direct requests to (a) scripts/check_lang.php and (b) themes/darkblue_orange/layout.inc.php; and via the (1) lang[], (2) target[], (3) db[], (4) goto[], (5) table[], and (6) tbl_group[] array arguments to (c) index.php, and the (7) back[] argument to (d) sql.php; and an invalid (8) sort_by parameter to (e) server_databases.php and (9) db parameter to (f) db_printview.php.
PhpMyAdmin en versiones anteriores a 2.9.1.1 permite a atacantes remotos obtener la ruta completa del servidor a través de peticiones directas a (a) scripts/check_lang.php y (b) themes/darkblue_orange/layout.inc.php; y a través de los argumentos de array (1) lang[], (2) target[], (3) db[], (4) goto[], (5) table[] y (6) tbl_group[] en (c) index.php y el argumento (7) back[] en(d) sql.php; y un parámetro no válido (8) sort_by en (e) server_databases.php y (9) el parámetro db en (f) db_printview.php.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2006-09-15 First Exploit
- 2007-01-18 CVE Reserved
- 2007-01-19 CVE Published
- 2024-08-07 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-20: Improper Input Validation
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://marc.info/?l=bugtraq&m=116370414309444&w=2 | Mailing List | |
| http://www.securityfocus.com/bid/21137 | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/29062 | 2006-09-15 |
| URL | Date | SRC |
|---|---|---|
| http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-8 | 2016-11-18 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Phpmyadmin Search vendor "Phpmyadmin" | Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin" | <= 2.9.1 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version " <= 2.9.1" | - |
Affected
| ||||||
| Phpmyadmin Search vendor "Phpmyadmin" | Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin" | 2.9.0 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "2.9.0" | - |
Affected
| ||||||
| Phpmyadmin Search vendor "Phpmyadmin" | Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin" | 2.9.0.1 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "2.9.0.1" | - |
Affected
| ||||||
| Phpmyadmin Search vendor "Phpmyadmin" | Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin" | 2.9.0.2 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "2.9.0.2" | - |
Affected
| ||||||
| Phpmyadmin Search vendor "Phpmyadmin" | Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin" | 2.9.0.3 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "2.9.0.3" | - |
Affected
| ||||||
| Phpmyadmin Search vendor "Phpmyadmin" | Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin" | 2.9.0_beta1 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "2.9.0_beta1" | - |
Affected
| ||||||
| Phpmyadmin Search vendor "Phpmyadmin" | Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin" | 2.9.0_rc1 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "2.9.0_rc1" | - |
Affected
| ||||||
| Phpmyadmin Search vendor "Phpmyadmin" | Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin" | 2.9.1_rc1 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "2.9.1_rc1" | - |
Affected
| ||||||
| Phpmyadmin Search vendor "Phpmyadmin" | Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin" | 2.9.1_rc2 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "2.9.1_rc2" | - |
Affected
| ||||||