CVE-2008-7251 — Phpmyadmin vulnerability

CWE-2646 documents6 sources

Severity

10.0CRITICALNVD

EPSS

2.5%

top 14.53%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Phpmyadmin Debian Phpmyadmin

Timeline

PublishedJan 19

Latest updateMay 17

Description

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

▶debiandebian/phpmyadmin< phpmyadmin 4:3.0.0-1 (bookworm)

▶Debianphpmyadmin/phpmyadmin< 4:3.0.0-1+3

▶NVDphpmyadmin/phpmyadmin38 versions+37

🔴Vulnerability Details

GHSA

GHSA-q22m-2g7f-xqm5: libraries/File↗2022-05-17

▶

OSV

CVE-2008-7251: libraries/File↗2010-01-19

▶

📋Vendor Advisories

Red Hat

phpMyAdmin 2.x multiple vulnerabilities↗2010-01-15

▶

Debian

CVE-2008-7251: phpmyadmin - libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary...↗2008

▶

💬Community

Bugzilla

CVE-2008-7251 CVE-2008-7252 CVE-2009-4605 phpMyAdmin 2.x multiple vulnerabilities↗2010-01-20

▶