VDB
CVE-2011-2718
CVE-2011-2718
PUBLISHED
CVSS 6 MEDIUM
Multiple directory traversal vulnerabilities in the relational schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote authenticated users to include and execute arbitrary local files via directory traversal sequences in an export type field, related to (1) libraries/schema/User_Schema.class.php and (2) schema_export.php.
EPSS 1.00% · 77.4th percentile
Risk Scores
CVSS 2.0
6
EPSS Score
1.00%
77.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| phpmyadmin | phpmyadmin | 3.4.2.0, 3.4.3.0, 3.4.1.0 |
| n/a | n/a | n/a |
| phpmyadmin | phpmyadmin | 3.4 |
Timeline
- Aug 1, 2011 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- May 20, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Dec 18, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 2, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 7, 2023 EPSS Score
References
- 45515 third-party-advisory
- 45365 third-party-advisory
- 74111 vdb
- 48874 vdb
- http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=3ae58f0cd6b89ad4767920f9b214c38d3f6d4393 url
- MDVSA-2011:124 vendor-advisory
- [oss-security] 20110726 Re: CVE-Request -- phpMyAdmin -- PMASA-2011-11 and PMASA-2011-12 mailing-list
- https://bugzilla.redhat.com/show_bug.cgi?id=725383 url
- http://www.phpmyadmin.net/home_page/security/PMASA-2011-11.php url
- FEDORA-2011-9725 vendor-advisory
- phpmyadmin-schema-file-include(68768) vdb
- FEDORA-2011-9734 vendor-advisory
- [oss-security] 20110725 CVE-Request -- phpMyAdmin -- PMASA-2011-11 and PMASA-2011-12 mailing-list
- https://nvd.nist.gov/vuln/detail/CVE-2011-2718 advisory
- https://github.com/phpmyadmin/phpmyadmin/commit/3ae58f0cd6b89ad4767920f9b214c38d3f6d4393 url
- https://github.com/phpmyadmin/composer package
- https://web.archive.org/web/20120111084137/http://www.securityfocus.com/bid/48874 url
- https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124 url
- http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=3ae58f0cd6b89ad4767920f9b214c38d3f6d4393 url