CVE-2010-3055

EPSS 1.7%

phpmyadmin - several vulnerabilities

發布日:2010/8/24修改日:2026/3/9

也稱為:DSA-2097-1DEBIAN-CVE-2010-3055

描述

The configuration setup script (aka scripts/setup.php) in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request.

受影響套件(3)

Debian/phpmyadminfrom 0, < 4:3.0.0
Debian/phpmyadminfrom 0, < 4:2.11.8.1-5+lenny5
Debian/phpmyadminfrom 0, < 4:2.11.8.1-5+lenny6

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-3055