N/A

Directory traversal vulnerability in get_file.php in phpMyBackupPro 2.1 through 2.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this vulnerability exists due to an incomplete fix to CVE-2009-4050.

N/A

N/A

phpMyBackupPro 路径遍历漏洞

phpMyBackupPro是一套免费的基于Web的MySql备份工具。该工具支持自动备份、定时备份、异地备份MySql数据库。 phpMyBackupPro 2.1版本至2.4版本中的get_file.php文件存在目录遍历漏洞。远程攻击者可借助‘view’参数的‘..’文件利用该漏洞读取任意文件。

N/A

N/A