Encoded directory traversal vulnerability in phpPgAdmin 3.1 to 3.5.3 allows remote attackers to access arbitrary files via %2e%2e%2f (encoded dot dot) sequences in the formLanguage parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Phppgadmin | Phppgadmin | 3.4 | 3.4 |
Phppgadmin | Phppgadmin | 3.5.3 | 3.5.3 |
Phppgadmin | Phppgadmin | 3.1 | 3.1 |
Phppgadmin | Phppgadmin | 3.4.1 | 3.4.1 |
Phppgadmin | Phppgadmin | 3.3 | 3.3 |
Phppgadmin | Phppgadmin | 3.2 | 3.2 |