CVE-2004-2632

phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg'Servers' variables...

CVE-2004-2630

The MIME transformation system transformations/textplainexternal.inc.php in phpMyAdmin 2.5.0 up to 2.6.0-pl1 allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors...

CVE-2004-2632

phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg'Servers' variables...

DEBIAN-CVE-2004-2632

phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg'Servers' variables...

CVE-2004-2631

Eval injection vulnerability in left.php in phpMyAdmin 2.5.1 up to 2.5.7, when LeftFrameLight is FALSE, allows remote attackers to execute arbitrary PHP code via a crafted table name...

GLSA-200412-19 : phpMyAdmin: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200412-19 phpMyAdmin: Multiple vulnerabilities Nicolas Gregoire exaprobe.com has discovered two vulnerabilities that exist only on a webserver where PHP safemode is off. These vulnerabilities could lead to command execution or fil...

phpMyAdmin: Multiple vulnerabilities

Background phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL databases from a web-browser. Description Nicolas Gregoire exaprobe.com has discovered two vulnerabilities that exist only on a webserver where PHP safemode is off. These vulnerabilities could lead to...

CVE-2004-1147

phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters...

CVE-2004-1147

phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters...

CVE-2004-1147

Affected software: phpMyAdmin 2.6.0-pl2 and earlier versions before 2.6.1. Vulnerable condition: external MIME-based transformations enabled. Root cause: input containing shell metacharacters leads to remote command execution. Impact: allows remote attackers to execute arbitrary commands on the s...

CVE-2004-1148

CVE-2004-1148 affects phpMyAdmin releases prior to 2.6.1 when UploadDir is enabled. The underlying issue lets an attacker read arbitrary files via the sql_localfile parameter, constituting a file-disclosure vulnerability with partial confidentiality impact (CVSS base 5.0). Public references indic...

CVE-2004-1148

phpMyAdmin before 2.6.1, when configured with UploadDir functionality, allows remote attackers to read arbitrary files via the sqllocalfile parameter...

CVE-2004-1148

phpMyAdmin before 2.6.1, when configured with UploadDir functionality, allows remote attackers to read arbitrary files via the sqllocalfile parameter...

Multiple vulnerabilities in phpMyAdmin

Exaprobe www.exaprobe.com Security Advisory Advisory Name: Multiple vulnerabilities in phpMyAdmin Release Date: 13 December 2004 Application: phpMyAdmin prior to 2.6.1-rc1 Platform: Any webserver running PHP Severity: Remote code execution Author: Nicolas Gregoire [email protected] Vendor...

phpMyAdmin 2.x - External Transformations Remote Command Execution

source: https://www.securityfocus.com/bid/11886/info phpMyAdmin is reported prone to multiple remote vulnerabilities. These issues can allow remote attackers to execute arbitrary commands and disclose files on a vulnerable computer. These issues result from insufficient sanitization of...

phpmyadmin -- file disclosure vulnerability

A phpMyAdmin security announcement reports: File disclosure: on systems where the UploadDir mecanism is active, readdump.php can be called with a crafted form; using the fact that the sqllocalfile variable is not sanitized can lead to a file disclosure. Enabling PHP safe mode on the server can be...

Two vulnerabilities were found in phpMyAdmin, that may allow command execution and file disclosure.

PMASA-2004-4 Announcement-ID: PMASA-2004-4 Date: 2004-12-13 Summary Two vulnerabilities were found in phpMyAdmin, that may allow command execution and file disclosure. Description We received a security advisory from Nicolas Gregoire exaprobe.com about those vulnerabilities and we wish to thank h...

phpmyadmin -- command execution vulnerability

A phpMyAdmin security announcement reports: Command execution: since phpMyAdmin 2.6.0-pl2, on a system where external MIME-based transformations are activated, an attacker can put into MySQL data an offensive value that starts a shell command when browsed. Enabling PHP safe mode on the server can...

phpMyAdmin 2.x - External Transformations Remote Command Execution

phpMyAdmin 2.x - External Transformations Remote Command Execution source: https://www.securityfocus.com/bid/11886/info phpMyAdmin is reported prone to multiple remote vulnerabilities. These issues can allow remote attackers to execute arbitrary commands and disclose files on a vulnerable compute...

phpMyAdmin < 2.6.1-pl1 RCE

Binary data 2452.prm...