Описание
Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable.
Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2008-1924
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41964
- http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html
- http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html
- http://secunia.com/advisories/29944
- http://secunia.com/advisories/29964
- http://secunia.com/advisories/30034
- http://secunia.com/advisories/30816
- http://secunia.com/advisories/32834
- http://secunia.com/advisories/33822
- http://security.gentoo.org/glsa/glsa-200805-02.xml
- http://www.debian.org/security/2008/dsa-1557
- http://www.mandriva.com/security/advisories?name=MDVSA-2008:131
- http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-3
- http://www.securityfocus.com/bid/28906
- http://www.vupen.com/english/advisories/2008/1328/references
Связанные уязвимости
Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable.
Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable.
Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running ...