[Forgot Password]
Login  Register Subscribe

23631

 
 

115084

 
 

97559

 
 

909

 
 

78730

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-5587

Date: (C)2008-12-16   (M)2017-10-04
 
CVSS Score: 4.3Access Vector: NETWORK
Exploitability Subscore: 8.6Access Complexity: MEDIUM
Impact Subscore: 2.9Authentication: NONE
 Confidentiality: PARTIAL
 Integrity: NONE
 Availability: NONE











Directory traversal vulnerability in libraries/lib.inc.php in phpPgAdmin 4.2.1 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the _language parameter to index.php.

Reference:
BID-32670
SECUNIA-33014
SECUNIA-33263
SREASON-4737
EXPLOIT-DB-7363
DSA-1693
SUSE-SR:2009:004
openSUSE-SU-2012:0493
phppgadmin-index-file-include(47140)

CWE    1
CWE-22
OVAL    1
oval:org.mitre.oval:def:7719

© 2013 SecPod Technologies