Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-1924HistoryApr 23, 2008 - 4:05 p.m.
CVE-2008-1924
2008-04-2316:05:00
Debian Security Bug Tracker
security-tracker.debian.org
16
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:N/A:N
EPSS
0.003
Percentile
70.7%
Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | phpmyadmin | < 4:2.11.5.2-1 | phpmyadmin_4:2.11.5.2-1_all.deb |
| Debian | 11 | all | phpmyadmin | < 4:2.11.5.2-1 | phpmyadmin_4:2.11.5.2-1_all.deb |
| Debian | 999 | all | phpmyadmin | < 4:2.11.5.2-1 | phpmyadmin_4:2.11.5.2-1_all.deb |
| Debian | 13 | all | phpmyadmin | < 4:2.11.5.2-1 | phpmyadmin_4:2.11.5.2-1_all.deb |
Related
redhatcve
redhatcve
CVE-2008-1924
2019-10-04 19:49:05
prion
prion
Design/Logic Flaw
2008-04-23 16:05:00
openvas
openvas
Gentoo Security Advisory GLSA 200805-02 (phpmyadmin)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200805-02 (phpmyadmin)
2008-09-24 00:00:00
FreeBSD Ports: phpmyadmin
2008-09-04 00:00:00
nessus
nessus
FreeBSD : phpmyadmin -- Shared Host Information Disclosure (fe971a0f-1246-11dd-bab7-0016179b2dd5)
2008-04-28 00:00:00
GLSA-200805-02 : phpMyAdmin: Information disclosure
2008-05-09 00:00:00
Debian DSA-1557-1 : phpmyadmin - insufficient input sanitising
2008-04-28 00:00:00
securityvulns
securityvulns
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2008-05-06 00:00:00
[ GLSA 200805-02 ] phpMyAdmin: Information disclosure
2008-05-06 00:00:00
[SECURITY] [DSA 1557-1] New phpmyadmin packages fix several vulnerabilities
2008-04-27 00:00:00
nvd
nvd
CVE-2008-1924
2008-04-23 16:05:00
ubuntucve
ubuntucve
CVE-2008-1924
2008-04-23 00:00:00
phpmyadmin
phpmyadmin
File disclosure on shared hosts via a crafted HTTP POST request.
2008-04-22 00:00:00
cvelist
cvelist
CVE-2008-1924
2008-04-23 16:00:00
gentoo
gentoo
phpMyAdmin: Information disclosure
2008-05-05 00:00:00
freebsd
freebsd
phpmyadmin -- Shared Host Information Disclosure
2008-04-23 00:00:00
cve
cve
CVE-2008-1924
2008-04-23 16:05:00
osv
osv
phpmyadmin - several vulnerabilities
2008-04-24 00:00:00
debian
debian
[SECURITY] [DSA 1557-1] New phpmyadmin packages fix several vulnerabilities
2008-04-24 20:32:28
CVSS2
3.5
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:S/C:P/I:N/A:N
EPSS
0.003
Percentile
70.7%
Related for DEBIANCVE:CVE-2008-1924