CyberSec.Space Logo
Back to CVE Browser

CVE-2008-7251

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1770%
EPSS Percentile21.46th
PublishedJan 19, 2010
Last ModifiedApr 23, 2026

Vulnerability Description

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors.

Affected Platforms (CPE)

πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.0
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.0
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.0
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.0.0
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.0beta1
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.0rc1
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.1
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.1
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.1.0
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.1.1
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.1.2
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.1rc1
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.2
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.2.0
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.2.1
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.2.2
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.3
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.3
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.3.0
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.3rc1
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.4
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.4
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.4.0
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.4rc1
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.5
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.5
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.5.0
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.5.1
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.5.2
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.5rc1
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.6
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.6
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.6.0
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.6rc1
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.7
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.7.0
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.8
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.9
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.9.0
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.9.1
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.9.2
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.9.3
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.9.4
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.9.5
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.11.9.6

References & Advisories

πŸ”— http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00007.html
πŸ”— http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/QA_2_11/phpMyAdmin/libraries/File.class.php?r1=11536&r2=11535&pathrev=11536
πŸ”— http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11536
πŸ”— http://secunia.com/advisories/38211
πŸ”— http://secunia.com/advisories/39503
πŸ”— http://www.debian.org/security/2010/dsa-2034
πŸ”— http://www.phpmyadmin.net/home_page/security/PMASA-2010-1.php
πŸ”— http://www.securityfocus.com/bid/37826

Related Vulnerabilities

CVE-2007-020310.0

Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 have unknown impact and attack vectors.

CVE-2008-725210.0

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 uses predictable filenames for temporary files, which has unknown imp...

CVE-2004-114710.0

phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute a...

CVE-2019-186229.8

An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack th...