11 matches found
CVE-2011-2508
Directory traversal vulnerability in libraries/displaytbl.lib.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1, when a certain MIME transformation feature is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. dot dot in a...
DEBIAN-CVE-2011-2508
Directory traversal vulnerability in libraries/displaytbl.lib.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1, when a certain MIME transformation feature is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. dot dot in a...
Directory traversal
Directory traversal vulnerability in libraries/displaytbl.lib.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1, when a certain MIME transformation feature is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. dot dot in a...
CVE-2011-2508
Directory traversal vulnerability in libraries/displaytbl.lib.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1, when a certain MIME transformation feature is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. dot dot in a...
CVE-2011-2508
CVE-2011-2508 affects phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1. A directory traversal via a crafted GLOBALS[mime_map][$meta->name][transformation] parameter allows remote authenticated users to perform local file inclusion and potentially execute local files. Root cause: insecur...
CVE-2011-2508
Directory traversal vulnerability in libraries/displaytbl.lib.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1, when a certain MIME transformation feature is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. dot dot in a...
CVE-2004-2630
The CVE-2004-2630 entry affects phpMyAdmin, specifically the MIME transformation system (transformations/text_plain__external.inc.php) in versions 2.5.0 through 2.6.0-pl1. The root cause is a vulnerability in the MIME-based transformation subsystem that lets remote attackers execute arbitrary she...
DEBIAN-CVE-2004-2630
The MIME transformation system transformations/textplainexternal.inc.php in phpMyAdmin 2.5.0 up to 2.6.0-pl1 allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors...
GLSA-200410-14 : phpMyAdmin: Vulnerability in MIME-based transformation system
The remote host is affected by the vulnerability described in GLSA-200410-14 phpMyAdmin: Vulnerability in MIME-based transformation system A defect was found in phpMyAdmin's MIME-based transformation system, when used with 'external' transformations. Impact : A remote attacker could exploit this...
phpMyAdmin: Vulnerability in MIME-based transformation system
Background phpMyAdmin is a popular web-based MySQL administration tool written in PHP. It allows users to browse and administer a MySQL database from a web-browser. Transformations are a phpMyAdmin feature allowing plug-ins to rewrite the contents of any column seen in phpMyAdmin's Browsing mode,...
When specifying specially formatted options to external MIME transformation, an attacker can execute any shell command restricted by privileges of httpd user.
PMASA-2004-2 Announcement-ID: PMASA-2004-2 Date: 2004-10-12 Summary When specifying specially formatted options to external MIME transformation, an attacker can execute any shell command restricted by privileges of httpd user. Description phpMyAdmin allows to use MIME transformations for displayi...