PT-2004-3520 · Php · Phpmyadmin
Published
2004-12-31
·
Updated
2017-07-20
·
CVE-2004-2630
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
phpMyAdmin versions 2.5.0 through 2.6.0-pl1
Description
The issue allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors, due to a problem in the MIME transformation system, specifically in the transformations/text plain external.inc.php file.
Recommendations
For phpMyAdmin versions 2.5.0 through 2.6.0-pl1, consider updating to a version that contains a fix for this issue, as the current version allows for the execution of arbitrary commands.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Phpmyadmin