CyberSec.Space Logo
Back to CVE Browser

CVE-2004-1147

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1300%
EPSS Percentile12.50th
PublishedJan 10, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute arbitrary commands via shell metacharacters.

Affected Platforms (CPE)

πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.4.0
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.5.0
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.5.1
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.5.2
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.5.4
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.5.5
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.5.5_pl1
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.5.5_rc1
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.5.5_rc2
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.5.6_rc1
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.5.7
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.5.7_pl1
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.6.0_pl1
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.6.0_pl2
πŸ“¦
Phpmyadmin

Phpmyadmin

= 2.6.0_pl3

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=110295781828323&w=2
πŸ”— http://www.exaprobe.com/labs/advisories/esa-2004-1213.html
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/18441
πŸ”— http://marc.info/?l=bugtraq&m=110295781828323&w=2
πŸ”— http://www.exaprobe.com/labs/advisories/esa-2004-1213.html
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/18441

Related Vulnerabilities

CVE-2008-725110.0

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknow...

CVE-2008-725210.0

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 uses predictable filenames for temporary files, which has unknown imp...

CVE-2007-020310.0

Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 have unknown impact and attack vectors.

CVE-2019-186229.8

An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack th...