Vulnerability Details CVE-2004-0129
Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in the what parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.117
EPSS Ranking 93.3%
CVSS Severity
CVSS v2 Score 5.0
References
- http://marc.info/?l=bugtraq&m=107582619125932&w=2
- http://secunia.com/advisories/10769
- http://security.gentoo.org/glsa/glsa-200402-05.xml
- http://sourceforge.net/forum/forum.php?forum_id=350228
- http://www.osvdb.org/3800
- http://www.phpmyadmin.net/home_page/relnotes.php?rel=0
- http://www.securityfocus.com/bid/9564
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15021
- http://marc.info/?l=bugtraq&m=107582619125932&w=2
- http://secunia.com/advisories/10769
- http://security.gentoo.org/glsa/glsa-200402-05.xml
- http://sourceforge.net/forum/forum.php?forum_id=350228
- http://www.osvdb.org/3800
- http://www.phpmyadmin.net/home_page/relnotes.php?rel=0
- http://www.securityfocus.com/bid/9564
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15021
Products affected by CVE-2004-0129
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.0
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.0.1
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.0.2
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.0.3
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.0.4
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.0.5
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.1
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.1.1
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.1.2
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.2.2
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.2.3
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.2.4
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.2.5
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.2.6
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.2_pre1
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.2_rc1
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.2_rc2
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.2_rc3
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.3.1
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.3.2
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.4.0
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.0
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.1
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.2
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.4
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.5
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.5_pl1
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.5_rc1
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.5_rc2