CVE-2004-1148

Name of the Vulnerable Software and Affected Versions: phpMyAdmin versions prior to 2.6.1

Description: The issue allows remote attackers to read arbitrary files when phpMyAdmin is configured with UploadDir functionality. This is achieved by exploiting the sql localfile parameter.

Recommendations: For versions prior to 2.6.1, update to version 2.6.1 or later to resolve the issue. As a temporary workaround, consider disabling the UploadDir functionality until a patch is available. Restrict access to the sql localfile parameter to minimize the risk of exploitation.