Lucene search

FreeBSD88188A8C-EFF6-11D9-8310-0001020EED82

HistoryJul 05, 2005 - 12:00 a.m.

phppgadmin -- "formLanguage" local file inclusion vulnerability

2005-07-0500:00:00

vuxml.freebsd.org

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS

0.016

Percentile

87.2%

JSON

A Secunia Advisory reports:

A vulnerability has been reported in phpPgAdmin, which
can be exploited by malicious people to disclose sensitive
information.
Input passed to the “formLanguage” parameter in
“index.php” isn’t properly verified, before it is used to
include files. This can be exploited to include arbitrary
files from local resources.
Successful exploitation requires that “magic_quotes_gpc”
is disabled.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchphppgadmin< 3.5.4UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	phppgadmin	< 3.5.4	UNKNOWN

References

secunia.com/advisories/15941/

sourceforge.net/project/shownotes.php?release_id=342261

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS

0.016

Percentile

87.2%

JSON

Related for 88188A8C-EFF6-11D9-8310-0001020EED82