Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-1924HistoryApr 23, 2008 - 4:05 p.m.
CVE-2008-1924
2008-04-2316:05:00
Debian Security Bug Tracker
security-tracker.debian.org
6
0.003 Low
EPSS
Percentile
65.8%
Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | phpmyadmin | < 4:2.11.5.2-1 | phpmyadmin_4:2.11.5.2-1_all.deb |
| Debian | 11 | all | phpmyadmin | < 4:2.11.5.2-1 | phpmyadmin_4:2.11.5.2-1_all.deb |
| Debian | 999 | all | phpmyadmin | < 4:2.11.5.2-1 | phpmyadmin_4:2.11.5.2-1_all.deb |
| Debian | 13 | all | phpmyadmin | < 4:2.11.5.2-1 | phpmyadmin_4:2.11.5.2-1_all.deb |
Related
nessus
nessus
FreeBSD : phpmyadmin -- Shared Host Information Disclosure (fe971a0f-1246-11dd-bab7-0016179b2dd5)
2008-04-28 00:00:00
GLSA-200805-02 : phpMyAdmin: Information disclosure
2008-05-09 00:00:00
Debian DSA-1557-1 : phpmyadmin - insufficient input sanitising
2008-04-28 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200805-02 (phpmyadmin)
2008-09-24 00:00:00
FreeBSD Ports: phpmyadmin
2008-09-04 00:00:00
FreeBSD Ports: phpmyadmin
2008-09-04 00:00:00
ubuntucve
ubuntucve
CVE-2008-1924
2008-04-23 00:00:00
phpmyadmin
phpmyadmin
File disclosure on shared hosts via a crafted HTTP POST request.
2008-04-22 00:00:00
securityvulns
securityvulns
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2008-05-06 00:00:00
[ GLSA 200805-02 ] phpMyAdmin: Information disclosure
2008-05-06 00:00:00
[SECURITY] [DSA 1557-1] New phpmyadmin packages fix several vulnerabilities
2008-04-27 00:00:00
prion
prion
Design/Logic Flaw
2008-04-23 16:05:00
redhatcve
redhatcve
CVE-2008-1924
2019-10-04 19:49:05
freebsd
freebsd
phpmyadmin -- Shared Host Information Disclosure
2008-04-23 00:00:00
gentoo
gentoo
phpMyAdmin: Information disclosure
2008-05-05 00:00:00
cve
cve
CVE-2008-1924
2008-04-23 16:05:00
osv
osv
phpmyadmin - several vulnerabilities
2008-04-24 00:00:00
debian
debian
[SECURITY] [DSA 1557-1] New phpmyadmin packages fix several vulnerabilities
2008-04-24 20:32:29