Family: CGI abuses --> Category: infos
phpMyAdmin arbitrary file reading (2) Vulnerability Scan
Vulnerability Scan Summary
Detailed Explanation for this Vulnerability Test
The remote web server contains a PHP script that is affected by a
local file inclusion flaw.
There is a bug in the remote version of phpMyAdmin that may allow an
attacker to read arbitrary files on the remote web server with the
rights of the web user or even execute arbitrary PHP code.
Successful exploitation of this issue requires that PHP's
'magic_quotes_gpc' setting be disabled.
See also :
Upgrade to phpMyAdmin version 2.4.6-rc1 or later.
Medium / CVSS Base Score : 6
Click HERE for more information and discussions on this network vulnerability scan.