CVE-2004-1148

EPSS 0.39%

Published: 1/10/2005Modified: 5/7/2026

Description

phpMyAdmin before 2.6.1, when configured with UploadDir functionality, allows remote attackers to read arbitrary files via the sql_localfile parameter.

Affected packages (1)

Debian/phpmyadminfrom 0, < 2:2.6.1-rc1-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2004-1148