Description

Unspecified vulnerability in phpMyAdmin before 2.11.5.2, when running on shared hosts, allows remote authenticated users with CREATE table permissions to read arbitrary files via a crafted HTTP POST request, related to use of an undefined UploadDir variable.

Remediation

References

CVE-2008-1924

Related Vulnerabilities

WordPress Plugin Pondol Carousel Cross-Site Scripting (1.0)

XOOPS Other Vulnerability (CVE-2005-3680)

Rukovoditel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-13590)

Oracle Database Server CVE-2006-3705 Vulnerability (CVE-2006-3705)

WordPress 4.2.x Same Origin Method Execution (SOME) Vulnerability (4.2 - 4.2.7)

Severity

Low

Classification

CVE-2008-1924 CWE-200

Tags

Missing Update Known Vulnerabilities