FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpmyadmin -- local file inclusion vulnerability

Affected packages
2.6.4.r1 <= phpMyAdmin <= 2.6.4.1

Details

VuXML ID 9b7053fd-3ab5-11da-9484-00123ffe8333
Discovery 2005-10-11
Entry 2005-10-11
Modified 2005-10-13

A phpMyAdmin security announcement reports:

In libraries/grab_globals.lib.php, the $__redirect parameter was not correctly validated, opening the door to a local file inclusion attack.

We consider this vulnerability to be serious.

References

Bugtraq ID 15053
Message 20051010161119.1689.qmail@securityfocus.com
URL http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-4