CVE - CVE-2011-2718

CVE-ID
CVE-2011-2718	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
Multiple directory traversal vulnerabilities in the relational schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote authenticated users to include and execute arbitrary local files via directory traversal sequences in an export type field, related to (1) libraries/schema/User_Schema.class.php and (2) schema_export.php.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:45365 URL:http://secunia.com/advisories/45365 MISC:45515 URL:http://secunia.com/advisories/45515 MISC:48874 URL:http://www.securityfocus.com/bid/48874 MISC:74111 URL:~~http://osvdb.org/74111~~ (Obsolete source) MISC:FEDORA-2011-9725 URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063410.html MISC:FEDORA-2011-9734 URL:http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063418.html MISC:MDVSA-2011:124 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2011:124~~ (Obsolete source) MISC:[oss-security] 20110725 CVE-Request -- phpMyAdmin -- PMASA-2011-11 and PMASA-2011-12 URL:http://www.openwall.com/lists/oss-security/2011/07/25/4 MISC:[oss-security] 20110726 Re: CVE-Request -- phpMyAdmin -- PMASA-2011-11 and PMASA-2011-12 URL:http://www.openwall.com/lists/oss-security/2011/07/26/10 MISC:http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=3ae58f0cd6b89ad4767920f9b214c38d3f6d4393 URL:http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=3ae58f0cd6b89ad4767920f9b214c38d3f6d4393 MISC:http://www.phpmyadmin.net/home_page/security/PMASA-2011-11.php URL:http://www.phpmyadmin.net/home_page/security/PMASA-2011-11.php MISC:https://bugzilla.redhat.com/show_bug.cgi?id=725383 URL:https://bugzilla.redhat.com/show_bug.cgi?id=725383 MISC:phpmyadmin-schema-file-include(68768) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/68768
Assigning CNA
Red Hat, Inc.
Date Record Created
20110711	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20110711)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Site Map | Terms of Use | Privacy Policy | Contact Us | Follow CVE

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.