CVE-2005-0567
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
02/05/2005
Last modified:
20/11/2024
Description
Multiple PHP remote file inclusion vulnerabilities in phpMyAdmin 2.6.1 allow remote attackers to execute arbitrary PHP code by modifying the (1) theme parameter to phpmyadmin.css.php or (2) cfg[Server][extension] parameter to database_interface.lib.php to reference a URL on a remote web server that contains the code.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:phpmyadmin:phpmyadmin:2.6.1:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://marc.info/?l=bugtraq&m=110929725801154&w=2
- http://secunia.com/advisories/14382/
- http://sourceforge.net/tracker/index.php?func=detail&aid=1149381&group_id=23067&atid=377408
- http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-1
- http://www.securityfocus.com/bid/12645
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19465
- http://marc.info/?l=bugtraq&m=110929725801154&w=2
- http://secunia.com/advisories/14382/
- http://sourceforge.net/tracker/index.php?func=detail&aid=1149381&group_id=23067&atid=377408
- http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-1
- http://www.securityfocus.com/bid/12645
- https://exchange.xforce.ibmcloud.com/vulnerabilities/19465