phpMyAdmin 2.x – Information Disclosure

phpMyAdmin 2.x – Information Disclosure

漏洞ID 1053971 漏洞类型
发布时间 2003-06-18 更新时间 2003-06-18
图片[1]-phpMyAdmin 2.x – Information Disclosure-安全小百科CVE编号 N/A
图片[2]-phpMyAdmin 2.x – Information Disclosure-安全小百科CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/22798
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/7963/info

A vulnerability has been reported for phpMyAdmin that may reveal the contents of directories to remote attackers. The vulnerability exists due to insufficient sanitization of user-supplied input. Specifically, dot-dot-slash '../' directory traversal sequences are not sufficiently sanitized from URI parameters. 

http://localhost/mysql/db_details_importdocsql.php?submit_show=true&do=import&docpath=[../../../]

相关推荐: SCO OpenServer多个缓冲区溢出漏洞

SCO OpenServer多个缓冲区溢出漏洞 漏洞ID 1205718 漏洞类型 缓冲区溢出 发布时间 2001-06-13 更新时间 2001-06-13 CVE编号 CVE-2001-1148 CNNVD-ID CNNVD-200106-064 漏洞平台…

© 版权声明
THE END
喜欢就支持一下吧
点赞0
分享