Vulnerability Details CVE-2005-3622
phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain the full path of the server via direct requests to multiple scripts in the libraries directory.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 69.1%
CVSS Severity
CVSS v2 Score 5.0
References
- http://marc.info/?l=bugtraq&m=113208319104035&w=2
- http://securityreason.com/securityalert/185
- http://securitytracker.com/id?1015213
- http://www.fitsec.com/advisories/FS-05-02.txt
- http://www.osvdb.org/20911
- http://www.osvdb.org/20912
- http://www.osvdb.org/20913
- http://www.osvdb.org/20914
- http://marc.info/?l=bugtraq&m=113208319104035&w=2
- http://securityreason.com/securityalert/185
- http://securitytracker.com/id?1015213
- http://www.fitsec.com/advisories/FS-05-02.txt
- http://www.osvdb.org/20911
- http://www.osvdb.org/20912
- http://www.osvdb.org/20913
- http://www.osvdb.org/20914
Products affected by CVE-2005-3622
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.2.0
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.2.7_pl1
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.2_pl1
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.3
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.4
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.5_pl1
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.6_rc2
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.5.7_pl1
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.0_pl3
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.1_pl3
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.2_pl1
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.3_pl1
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.4_pl3
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.4_pl4
-
cpe:2.3:a:phpmyadmin:phpmyadmin:2.7.0_beta1