CVE-2008-4454

Properties

Published:
05.10.2008
Updated:
24.07.2009
Patch available:
Severity:
Medium
CVSS vector:
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Product:
mysql_quick_admin: mysql_quick_admin

Vulnerability description

Directory traversal vulnerability in EKINdesigns MySQL Quick Admin 1.5.5 allows remote attackers to read and execute arbitrary files via a .. (dot dot) in the lang parameter to actions.php.  NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

References:

SECUNIA:http://secunia.com/advisories/31820