6 matches found
EUVD-2004-1146
Malware in sbrugna...
CVE-2004-1148
phpMyAdmin before 2.6.1, when configured with UploadDir functionality, allows remote attackers to read arbitrary files via the sqllocalfile parameter...
CVE-2004-1148
phpMyAdmin before 2.6.1, when configured with UploadDir functionality, allows remote attackers to read arbitrary files via the sqllocalfile parameter...
CVE-2004-1148
CVE-2004-1148 affects phpMyAdmin releases prior to 2.6.1 when UploadDir is enabled. The underlying issue lets an attacker read arbitrary files via the sql_localfile parameter, constituting a file-disclosure vulnerability with partial confidentiality impact (CVSS base 5.0). Public references indic...
CVE-2004-1148
phpMyAdmin before 2.6.1, when configured with UploadDir functionality, allows remote attackers to read arbitrary files via the sqllocalfile parameter...
phpmyadmin -- file disclosure vulnerability
A phpMyAdmin security announcement reports: File disclosure: on systems where the UploadDir mecanism is active, readdump.php can be called with a crafted form; using the fact that the sqllocalfile variable is not sanitized can lead to a file disclosure. Enabling PHP safe mode on the server can be...