CVE-2009-1148
EPSS 0.60%Published: 3/26/2009Modified: 5/7/2026
Also known as:DEBIAN-CVE-2009-1148
Description
Directory traversal vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to read arbitrary files via directory traversal sequences in the file_path parameter ($filename variable).
Affected packages (1)
- Debian/phpmyadminfrom 0, < 4:3.1.3.1-1