CVE-2019-6799 -- phpmyadminID: oval:org.secpod.oval:def:2001050 | Date: (C)2019-04-23 (M)2023-12-20 |
Class: VULNERABILITY | Family: unix |
An issue was discovered in phpMyAdmin before 4.8.5. When the AllowArbitraryServer configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server"s user can access. This is related to the mysql.allow_local_infile PHP configuration, and the inadvertent ignoring of "options
Platform: |
Debian 8.x |
Debian 9.x |