Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
PhpMyAdmin before 2.9.1.1 allows remote attackers to obtain the full server path via direct requests to (a) scripts/check_lang.php and (b) themes/darkblue_orange/layout.inc.php; and via the (1) lang[], (2) target[], (3) db[], (4) goto[], (5) table[], and (6) tbl_group[] array arguments to (c) index.php, and the (7) back[] argument to (d) sql.php; and an invalid (8) sort_by parameter to (e) server_databases.php and (9) db parameter to (f) db_printview.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
phpMyAdmin 多个输入确认漏洞
Vulnerability Description
PhpMyAdmin 2.9.1.1之前版本可以让远程攻击者借助对(a)scripts/check_lang.php和(b)themes/darkblue_orange/layout.inc.php的直接请求,借助提交到(c)index.php的(1)lang[],(2)target[],(3)db[],(4)goto[],(5)table[]和(6)tbl_group[]数组参数,到(d)sql.php的(7)back[]参数,到(e)server_databases.php的(8)sort_by参数和
CVSS Information
N/A
Vulnerability Type
N/A