PT-2013-4246 · Phpmyadmin · Phpmyadmin
Janek Vind
·
Published
2013-04-26
·
Updated
2024-06-15
·
CVE-2013-3240
CVSS v2.0
6.5
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
phpMyAdmin versions prior to 4.0.0-rc3
Description
The issue concerns a directory traversal vulnerability in the Export feature. This allows remote authenticated users to read arbitrary files or possibly have unspecified other impact via a parameter that specifies a crafted export type.
Recommendations
For versions prior to 4.0.0-rc3, update to version 4.0.0-rc3 or later to resolve the issue.
Exploit
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Phpmyadmin