Computer Security

CVE-2008-1924
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



CVECVE-2008-1924
StatusCandidate
DescriptionUnspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows attackers with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable.
PhaseAssigned (23.04.2008)
SecurityVulns:Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
 Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1924
ReferencesCONFIRM : http://www.phpmyadmin.net/home_page/security.php?i...
 DEBIAN : DSA-1557
 FRSIRT : ADV-2008-1328
 SECUNIA : 29944
 SECUNIA : 29964
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
 


Рейтинг@Mail.ru