Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x prior to 3.4.3.2, when configuration storage is enabled, allows remote malicious users to include and execute arbitrary local files via directory traversal sequences in a MIME-type transformation parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpmyadmin phpmyadmin 3.4.0.0 |
||
phpmyadmin phpmyadmin 3.4.3.1 |
||
phpmyadmin phpmyadmin 3.4.1.0 |
||
phpmyadmin phpmyadmin 3.4.2.0 |
||
phpmyadmin phpmyadmin 3.4.3.0 |