DEBIAN-CVE-2004-0129

Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via .. dot dot sequences in the what parameter...

CVE-2004-0129

Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via .. dot dot sequences in the what parameter...

CVE-2004-0129

Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via .. dot dot sequences in the what parameter...

file disclosure in phpMyAdmin

Lack of proper input validation in phpMyAdmin may allow an attacker to obtain the contents of any file on the target system that is readable by the web server...

phpMyAdmin < 2.5.6-rc1: possible attack against export.php

Background phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL databased over the Web. Description One component of the phpMyAdmin software package export.php does not properly verify input that is passed to it from a remote user. Since the input is used to include...

phpMyAdmin 2.x - Export.php File Disclosure

phpMyAdmin 2.x - Export.php File Disclosure source: https://www.securityfocus.com/bid/9564/info phpMyAdmin is prone to a vulnerability that may permit remote attackers to gain access to files that are readable by the hosting web server. The issue is reported to exist in the 'export.php' script an...

Arbitrary File Disclosure Vulnerability in phpMyAdmin 2.5.5-pl1 and prior

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Arbitrary File Disclosure Vulnerability in phpMyAdmin 2.5.5-pl1 and prior Summary : phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the WWW. There is a vulnerability in the current stable version of phpMyAdmin...

phpMyAdmin255pl1.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Arbitrary File Disclosure Vulnerability in phpMyAdmin 2.5.5-pl1 and prior Summary : phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the WWW. There is a vulnerability in the current stable version of phpMyAdmin...

phpMyAdmin 2.x - &#039;Export.php&#039; File Disclosure

source: https://www.securityfocus.com/bid/9564/info phpMyAdmin is prone to a vulnerability that may permit remote attackers to gain access to files that are readable by the hosting web server. The issue is reported to exist in the 'export.php' script and may be exploited by providing directory...

phpMyAdmin export.php what Parameter Traversal Arbitrary File Access

There is a bug in the remote version of phpMyAdmin that may allow an attacker to read arbitrary files on the remote web server with the privileges of the web user or even execute arbitrary PHP code. Successful exploitation of this issue requires that PHP's 'magicquotesgpc' setting be disabled...

phpMyAdmin XSS Vulnerabilities, Transversal Directory Attack , Information Encoding Weakness and Path Disclosures

phpMyAdmin XSS Vulnerabilities, Transversal Directory Attack , Information Encoding Weakness and Path Disclosures -------------------- Product: phpMyAdmin Vendor: phpMyAdmin Development Team Versions: VULNERABLE - 2.5.2 CVS in Development - 2.5.x - 2.4.x - 2.3.x - 2.2.x - 2.1.x - 2.0.x - 1.x.x NO...

phpMyAdmin 2.x - Information Disclosure

source: https://www.securityfocus.com/bid/7963/info A vulnerability has been reported for phpMyAdmin that may reveal the contents of directories to remote attackers. The vulnerability exists due to insufficient sanitization of user-supplied input. Specifically, dot-dot-slash '../' directory...

phpMyAdmin < 2.5.2 Multiple Vulnerabilities

The remote host is running a version of phpMyAdmin that is vulnerable to several attacks : - It may be tricked into disclosing the physical path of the remote PHP installation. - It is vulnerable to cross-site scripting that could allow an attacker to steal the cookies of your users. - It is...

Several security issues were reported to BugTraq mailing list. However most of these issues were already fixed some time ago.

PMASA-2003-1 Announcement-ID: PMASA-2003-1 Date: 2003-06-18 Summary Several security issues were reported to BugTraq mailing list. However most of these issues were already fixed some time ago. Description Reporter wrote that he found following issues within phpMyAdmin code each issue is followed...

phpMyAdmin 2.x - Information Disclosure

phpMyAdmin 2.x - Information Disclosure source: https://www.securityfocus.com/bid/7963/info A vulnerability has been reported for phpMyAdmin that may reveal the contents of directories to remote attackers. The vulnerability exists due to insufficient sanitization of user-supplied input...

phpMyAdmin sql.php Traversal Arbitrary File Access

It is possible to make the remote phpMyAdmin installation read arbitrary data on the remote host. An attacker may use this flaw to read arbitrary files that your web server has the right to access or execute arbitrary PHP code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref:...

CVE-2001-1060

phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute arbitrary commands by inserting them into 1 the strCopyTableOK argument in tblcopy.php, or 2 the strRenameTableOK argument in tblrename.php...

CVE-2001-1060

phpMyAdmin 2.2.0rc3 and earlier is affected by CVE-2001-1060. The vulnerability is tied to two PHP scripts, tbl_copy.php and tbl_rename.php, where eval is used on user-controlled values (strCopyTableOK and strRenameTableOK). An attacker can craft a URL that, under certain conditions (including th...

New command execution vulnerability in myPhpAdmin

--/ Product: phpMyAdmin versions = 2.2.0rc3 --/ Problem: Arbitrary remote command execution --/ Severity: High --/ Author: Carl Livitt carl AT ititc DOT com --/ Date: 31 July 2001 ---------------------------------------------- History ------- Further to the excellent research done by Shaun Clowes...

CVE-2001-1060

phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute arbitrary commands by inserting them into 1 the strCopyTableOK argument in tblcopy.php, or 2 the strRenameTableOK argument in tblrename.php...