CVE-2005-3299

2005-10-2321:02:00

mitre

web.nvd.nist.gov

308

In Wild

php

file inclusion

vulnerability

phpmyadmin

cve-2005-3299

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

9.2

Confidence

High

EPSS

0.016

Percentile

87.5%

JSON

PHP file inclusion vulnerability in grab_globals.lib.php in phpMyAdmin 2.6.4 and 2.6.4-pl1 allows remote attackers to include local files via the $__redirect parameter, possibly involving the subform array.

Affected configurations

Nvd

Node

phpmyadminphpmyadminMatch2.6.4

phpmyadminphpmyadminMatch2.6.4_pl1

VendorProductVersionCPE
phpmyadminphpmyadmin2.6.4cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.4:*:*:*:*:*:*:*
phpmyadminphpmyadmin2.6.4_pl1cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.4_pl1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
phpmyadmin	phpmyadmin	2.6.4	cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.4:::::::*
phpmyadmin	phpmyadmin	2.6.4_pl1	cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.4_pl1:::::::*