Back to search
CVE-2008-1924
Published: Apr 23, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
SUSE-SR:2009:003
vendor-advisory
x_refsource_SUSE
28906
vdb-entry
x_refsource_BID
GLSA-200805-02
vendor-advisory
x_refsource_GENTOO
DSA-1557
vendor-advisory
x_refsource_DEBIAN
32834
third-party-advisory
x_refsource_SECUNIA
29964
third-party-advisory
x_refsource_SECUNIA
30816
third-party-advisory
x_refsource_SECUNIA
phpmyadmin-unspecified-info-disclosure(41964)
vdb-entry
x_refsource_XF
33822
third-party-advisory
x_refsource_SECUNIA
29944
third-party-advisory
x_refsource_SECUNIA
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2008-3
x_refsource_CONFIRM
30034
third-party-advisory
x_refsource_SECUNIA
ADV-2008-1328
vdb-entry
x_refsource_VUPEN
SUSE-SR:2008:026
vendor-advisory
x_refsource_SUSE
MDVSA-2008:131
vendor-advisory
x_refsource_MANDRIVA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now