Directory traversal vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin prior to 3.1.3.1 allows remote malicious users to read arbitrary files via directory traversal sequences in the file_path parameter ($filename variable).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpmyadmin phpmyadmin 3.1.1 |
||
phpmyadmin phpmyadmin 3.1.2 |
||
phpmyadmin phpmyadmin 3.1.0.0 |
||
phpmyadmin phpmyadmin |
||
phpmyadmin phpmyadmin 3.1.3 |
||
phpmyadmin phpmyadmin 3.1.0 |