Vulnerability Details CVE-2005-0567
Multiple PHP remote file inclusion vulnerabilities in phpMyAdmin 2.6.1 allow remote attackers to execute arbitrary PHP code by modifying the (1) theme parameter to phpmyadmin.css.php or (2) cfg[Server][extension] parameter to database_interface.lib.php to reference a URL on a remote web server that contains the code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.014
EPSS Ranking 79.5%
CVSS Severity
CVSS v2 Score 7.5
References
- http://marc.info/?l=bugtraq&m=110929725801154&w=2
- http://secunia.com/advisories/14382/
- http://sourceforge.net/tracker/index.php?func=detail&aid=1149381&group_id=23067&atid=377408
- http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-1
- http://www.securityfocus.com/bid/12645
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19465
- http://marc.info/?l=bugtraq&m=110929725801154&w=2
- http://secunia.com/advisories/14382/
- http://sourceforge.net/tracker/index.php?func=detail&aid=1149381&group_id=23067&atid=377408
- http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-1
- http://www.securityfocus.com/bid/12645
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19465
Products affected by CVE-2005-0567
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.1