Lucene search

[email protected]NVD:CVE-2008-1924

HistoryApr 23, 2008 - 4:05 p.m.

CVE-2008-1924

2008-04-2316:05:00

CWE-200

[email protected]

web.nvd.nist.gov

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

AI Score

5.1

Confidence

High

EPSS

0.003

Percentile

70.7%

JSON

Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable.

Affected configurations

Nvd

Node

phpmyadminphpmyadminRange≤2.11.5.1

phpmyadminphpmyadminMatch2.10.0

phpmyadminphpmyadminMatch2.10.0.1

phpmyadminphpmyadminMatch2.10.0.2

phpmyadminphpmyadminMatch2.10.1

phpmyadminphpmyadminMatch2.10.2

phpmyadminphpmyadminMatch2.10.3

phpmyadminphpmyadminMatch2.10.3rc1

phpmyadminphpmyadminMatch2.11.0

phpmyadminphpmyadminMatch2.11.0beta1

phpmyadminphpmyadminMatch2.11.0rc1

phpmyadminphpmyadminMatch2.11.1

phpmyadminphpmyadminMatch2.11.1.1

phpmyadminphpmyadminMatch2.11.1.2

phpmyadminphpmyadminMatch2.11.1rc1

phpmyadminphpmyadminMatch2.11.2

phpmyadminphpmyadminMatch2.11.2.1

phpmyadminphpmyadminMatch2.11.2.2

phpmyadminphpmyadminMatch2.11.3

phpmyadminphpmyadminMatch2.11.3rc1

phpmyadminphpmyadminMatch2.11.4

phpmyadminphpmyadminMatch2.11.4rc1

phpmyadminphpmyadminMatch2.11.5

phpmyadminphpmyadminMatch2.11.6rc1

VendorProductVersionCPE
phpmyadminphpmyadmin*cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
phpmyadminphpmyadmin2.10.0cpe:2.3:a:phpmyadmin:phpmyadmin:2.10.0:*:*:*:*:*:*:*
phpmyadminphpmyadmin2.10.0.1cpe:2.3:a:phpmyadmin:phpmyadmin:2.10.0.1:*:*:*:*:*:*:*
phpmyadminphpmyadmin2.10.0.2cpe:2.3:a:phpmyadmin:phpmyadmin:2.10.0.2:*:*:*:*:*:*:*
phpmyadminphpmyadmin2.10.1cpe:2.3:a:phpmyadmin:phpmyadmin:2.10.1:*:*:*:*:*:*:*
phpmyadminphpmyadmin2.10.2cpe:2.3:a:phpmyadmin:phpmyadmin:2.10.2:*:*:*:*:*:*:*
phpmyadminphpmyadmin2.10.3cpe:2.3:a:phpmyadmin:phpmyadmin:2.10.3:*:*:*:*:*:*:*
phpmyadminphpmyadmin2.10.3rc1cpe:2.3:a:phpmyadmin:phpmyadmin:2.10.3rc1:*:*:*:*:*:*:*
phpmyadminphpmyadmin2.11.0cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:*:*:*:*:*:*:*
phpmyadminphpmyadmin2.11.0beta1cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0beta1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
phpmyadmin	phpmyadmin	*	cpe:2.3:a:phpmyadmin:phpmyadmin::::::::
phpmyadmin	phpmyadmin	2.10.0	cpe:2.3:a:phpmyadmin:phpmyadmin:2.10.0:::::::*
phpmyadmin	phpmyadmin	2.10.0.1	cpe:2.3:a:phpmyadmin:phpmyadmin:2.10.0.1:::::::*
phpmyadmin	phpmyadmin	2.10.0.2	cpe:2.3:a:phpmyadmin:phpmyadmin:2.10.0.2:::::::*
phpmyadmin	phpmyadmin	2.10.1	cpe:2.3:a:phpmyadmin:phpmyadmin:2.10.1:::::::*
phpmyadmin	phpmyadmin	2.10.2	cpe:2.3:a:phpmyadmin:phpmyadmin:2.10.2:::::::*
phpmyadmin	phpmyadmin	2.10.3	cpe:2.3:a:phpmyadmin:phpmyadmin:2.10.3:::::::*
phpmyadmin	phpmyadmin	2.10.3rc1	cpe:2.3:a:phpmyadmin:phpmyadmin:2.10.3rc1:::::::*
phpmyadmin	phpmyadmin	2.11.0	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:::::::*
phpmyadmin	phpmyadmin	2.11.0beta1	cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0beta1:::::::*