CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
Confidence
High
EPSS
Percentile
87.5%
PHP file inclusion vulnerability in grab_globals.lib.php in phpMyAdmin 2.6.4 and 2.6.4-pl1 allows remote attackers to include local files via the $__redirect parameter, possibly involving the subform array.
Recent assessments:
litonhh1 at November 03, 2022 5:05pm UTC reported:
nmap βscript exploit 164.100.94.186
Disclosure date: 2005-10-nil
| Extra information:
| β¦/β¦/β¦/β¦/β¦/etc/passwd :
| <html>``<head>``<title>
Request Rejected</title>``</head>``<body>
The requested URL was rejected. Please consult with your administrator.<br>``<br>
Your support ID is: 16035532474987810818<br>``<br>``<a href>
[Go Back]</a>``</body>``</html>
| References:
| <https://vulners.com/cve/CVE-2005-3299>
|_ <http://www.exploit-db.com/exploits/1244/>
Assessed Attacker Value: 5
Assessed Attacker Value: 5Assessed Attacker Value: 5