4627 matches found
phpMyAdmin 'what'参数本地文件包含漏洞
BUGTRAQ ID: 59462 CVECAN ID: CVE-2013-3240 phpmyadmin是MySQL数据库的在线管理工具,主要功能包括在线创建数据表、运行SQL语句、搜索查询数据以及导入导出数据等。 phpMyAdmin 4.0.0-rc3之前版本的Exprot功能存在目录遍历漏洞,经过身份验证的远程用户通过指定特制导出类型的参数,利用此漏洞可以包含任意文件,导致任意代码执行。 Php script "export.php" line 20: ------------------------ source code start...
phpMyAdmin Authenticated Remote Code Execution via preg_replace()
This module exploits a PREGREPLACEEVAL vulnerability in phpMyAdmin's replaceprefixtbl within libraries/multsubmits.inc.php via dbsettings.php This affects versions 3.5.x 5.4.6 are not vulnerable. This module requires Metasploit: https://metasploit.com/download Current source:...
CVE-2013-3238
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute arbitrary code via a /e\x00 sequence, which is not properly handled before making a pregreplace function call within the "Replace table prefix" feature...
CVE-2013-3239
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable file by the Apache HTT...
CVE-2013-3240
Directory traversal vulnerability in the Export feature in phpMyAdmin 4.x before 4.0.0-rc3 allows remote authenticated users to read arbitrary files or possibly have unspecified other impact via a parameter that specifies a crafted export type...
CVE-2013-3241
export.php aka the export script in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request...
CVE-2013-3238
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute arbitrary code via a /e\x00 sequence, which is not properly handled before making a pregreplace function call within the "Replace table prefix" feature...
CVE-2013-3239
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable file by the Apache HTT...
Design/Logic Flaw
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable file by the Apache HTT...
Design/Logic Flaw
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute arbitrary code via a /e\x00 sequence, which is not properly handled before making a pregreplace function call within the "Replace table prefix" feature...
Design/Logic Flaw
export.php aka the export script in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request...
CVE-2013-3238
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute arbitrary code via a /e\x00 sequence, which is not properly handled before making a pregreplace function call within the "Replace table prefix" feature...
CVE-2013-3239
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable file by the Apache HTT...
CVE-2013-3240
Directory traversal vulnerability in the Export feature in phpMyAdmin 4.x before 4.0.0-rc3 allows remote authenticated users to read arbitrary files or possibly have unspecified other impact via a parameter that specifies a crafted export type...
CVE-2013-3241
export.php aka the export script in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request...
CVE-2013-3238
CVE-2013-3238 affects phpMyAdmin: versions 3.5.x before 3.5.8.1 and 4.x before 4.0.0-rc3 allow remote authenticated users to execute arbitrary PHP code via a /e\x00 sequence in the Replace table prefix flow, before a preg_replace call. Impact is arbitrary code execution in the HTTP server context...
CVE-2013-3239
CVE-2013-3239 affects phpMyAdmin 3.5.x < 3.5.8 and 4.x
CVE-2013-3240
CVE-2013-3240 affects phpMyAdmin 4.x prior to 4.0.0-rc3. The vulnerability enables a directory traversal in the Export feature when an attacker supplies a crafted export type via a parameter, allowing remote authenticated users to read arbitrary files and potentially impact other areas. Exploitat...
CVE-2013-3241
CVE-2013-3241 refers to a vulnerability in phpMyAdmin 4.x prior to 4.0.0-rc3 where export.php overwrites global variables based on the POST contents, enabling remote authenticated users to inject values via crafted requests. This entry is corroborated by NVD, and related advisories describe multi...
CVE-2013-3241
export.php aka the export script in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request...