Lucene search

FreeBSD88188A8C-EFF6-11D9-8310-0001020EED82

HistoryJul 05, 2005 - 12:00 a.m.

phppgadmin -- "formLanguage" local file inclusion vulnerability

2005-07-0500:00:00

vuxml.freebsd.org

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.016 Low

EPSS

Percentile

87.0%

JSON

A Secunia Advisory reports:

A vulnerability has been reported in phpPgAdmin, which
can be exploited by malicious people to disclose sensitive
information.
Input passed to the “formLanguage” parameter in
“index.php” isn’t properly verified, before it is used to
include files. This can be exploited to include arbitrary
files from local resources.
Successful exploitation requires that “magic_quotes_gpc”
is disabled.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchphppgadmin< 3.5.4UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	phppgadmin	< 3.5.4	UNKNOWN

References

secunia.com/advisories/15941/

sourceforge.net/project/shownotes.php?release_id=342261

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.016 Low

EPSS

Percentile

87.0%

JSON

Related for 88188A8C-EFF6-11D9-8310-0001020EED82