CVE Vulnerabilities

CVE-2004-2631

Published: Dec 31, 2004 | Modified: Jul 20, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Eval injection vulnerability in left.php in phpMyAdmin 2.5.1 up to 2.5.7, when LeftFrameLight is FALSE, allows remote attackers to execute arbitrary PHP code via a crafted table name.

Affected Software

Name Vendor Start Version End Version
Phpmyadmin Phpmyadmin 2.5.2_pl1 2.5.2_pl1
Phpmyadmin Phpmyadmin 2.5.5_rc1 2.5.5_rc1
Phpmyadmin Phpmyadmin 2.5.5 2.5.5
Phpmyadmin Phpmyadmin 2.5.7 2.5.7
Phpmyadmin Phpmyadmin 2.5.6_rc1 2.5.6_rc1
Phpmyadmin Phpmyadmin 2.5.2 2.5.2
Phpmyadmin Phpmyadmin 2.5.1 2.5.1
Phpmyadmin Phpmyadmin 2.5.4 2.5.4
Phpmyadmin Phpmyadmin 2.5.3 2.5.3
Phpmyadmin Phpmyadmin 2.5.6_rc2 2.5.6_rc2
Phpmyadmin Phpmyadmin 2.5.5_rc2 2.5.5_rc2
Phpmyadmin Phpmyadmin 2.5.5_pl1 2.5.5_pl1

References