Description

PHP file inclusion vulnerability in grab_globals.lib.php in phpMyAdmin 2.6.4 and 2.6.4-pl1 allows remote attackers to include local files via the $__redirect parameter, possibly involving the subform array.

Remediation

References

CVE-2005-3299

Related Vulnerabilities

MySQL CVE-2018-3123 Vulnerability (CVE-2018-3123)

Apache Tomcat Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-12617)

Nginx CVE-2011-4963 Vulnerability (CVE-2011-4963)

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-4289)

WordPress Plugin cdnvote 'cdnvote-post.php' Multiple SQL Injection Vulnerabilities (0.4.1)

Severity

Medium

Classification

CVE-2005-3299

Tags

Missing Update Known Vulnerabilities