Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the export functionality, the errors containing the full path of the directory of phpMyAdmin are written to the export file. All 4.6.x versions (prior to 4.6.5), and 4.4.x versions (prior to 4.4.15.9) are affected. This CVE is for the json_decode issue.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
phpMyAdmin 路径遍历漏洞
Vulnerability Description
phpMyAdmin是phpMyAdmin团队开发的一套免费的、基于Web的MySQL数据库管理工具。该工具能够创建和删除数据库,创建、删除、修改数据库表,执行SQL脚本命令等。 phpMyAdmin中存在路径遍历漏洞,该漏洞源于显示的错误信息中含有完整的目录路径。攻击者可利用该漏洞向导出文件中写入恶意信息。以下版本受到影响:phpMyAdmin 4.6.5之前的4.6.x版本,4.4.15.9之前的4.4.x版本,4.0.10.18之前的4.0.x版本。
CVSS Information
N/A
Vulnerability Type
N/A