Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
phpMyAdmin Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2011-2508 - Vulnerability Database
phpMyAdmin

phpMyAdmin Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2011-2508

Medium
Reference: CVE-2011-2508
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2011-2508
Title: phpMyAdmin Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Overview:

Directory traversal vulnerability in libraries/display_tbl.lib.php in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 when a certain MIME transformation feature is enabled allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in a GLOBALSmime_mapmeta-gtnametransformation parameter.