Vulnerability Details CVE-2005-1392
The SQL install script in phpMyAdmin 2.6.2 is created with world-readable permissions, which allows local users to obtain the initial database password by reading the script.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.1%
CVSS Severity
CVSS v2 Score 4.6
References
- http://bugs.gentoo.org/show_bug.cgi?id=88831
- http://security.gentoo.org/glsa/glsa-200504-30.xml
- http://www.osvdb.org/16053
- http://www.vupen.com/english/advisories/2005/0436
- http://bugs.gentoo.org/show_bug.cgi?id=88831
- http://security.gentoo.org/glsa/glsa-200504-30.xml
- http://www.osvdb.org/16053
- http://www.vupen.com/english/advisories/2005/0436
Products affected by CVE-2005-1392
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.2