Description

phpMyAdmin 2.6.1 does not properly grant permissions on tables with an underscore in the name, which grants remote authenticated users more privileges than intended.

Remediation

References

CVE-2005-0653

Related Vulnerabilities

WordPress Plugin Read and Understood Multiple Vulnerabilities (2.1)

WordPress Plugin ChenPress Arbitrary File Upload (3.0)

TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-3942)

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-4866)

phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-1151)

Severity

Medium

Classification

CVE-2005-0653

Tags

Missing Update Known Vulnerabilities