CyberSec.Space Logo
CVEブラウザに戻る

CVE-2008-7252

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1010%
EPSS Percentile43.17th
Published2010年1月19日
Last Modified2026年4月23日

Vulnerability Description

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 uses predictable filenames for temporary files, which has unknown impact and attack vectors.

Affected Platforms (CPE)

📦
Phpmyadmin

Phpmyadmin

= 2.11.0
📦
Phpmyadmin

Phpmyadmin

= 2.11.0
📦
Phpmyadmin

Phpmyadmin

= 2.11.0
📦
Phpmyadmin

Phpmyadmin

= 2.11.0.0
📦
Phpmyadmin

Phpmyadmin

= 2.11.0beta1
📦
Phpmyadmin

Phpmyadmin

= 2.11.0rc1
📦
Phpmyadmin

Phpmyadmin

= 2.11.1
📦
Phpmyadmin

Phpmyadmin

= 2.11.1
📦
Phpmyadmin

Phpmyadmin

= 2.11.1.0
📦
Phpmyadmin

Phpmyadmin

= 2.11.1.1
📦
Phpmyadmin

Phpmyadmin

= 2.11.1.2
📦
Phpmyadmin

Phpmyadmin

= 2.11.1rc1
📦
Phpmyadmin

Phpmyadmin

= 2.11.2
📦
Phpmyadmin

Phpmyadmin

= 2.11.2.0
📦
Phpmyadmin

Phpmyadmin

= 2.11.2.1
📦
Phpmyadmin

Phpmyadmin

= 2.11.2.2
📦
Phpmyadmin

Phpmyadmin

= 2.11.3
📦
Phpmyadmin

Phpmyadmin

= 2.11.3
📦
Phpmyadmin

Phpmyadmin

= 2.11.3.0
📦
Phpmyadmin

Phpmyadmin

= 2.11.3rc1
📦
Phpmyadmin

Phpmyadmin

= 2.11.4
📦
Phpmyadmin

Phpmyadmin

= 2.11.4
📦
Phpmyadmin

Phpmyadmin

= 2.11.4.0
📦
Phpmyadmin

Phpmyadmin

= 2.11.4rc1
📦
Phpmyadmin

Phpmyadmin

= 2.11.5
📦
Phpmyadmin

Phpmyadmin

= 2.11.5
📦
Phpmyadmin

Phpmyadmin

= 2.11.5.0
📦
Phpmyadmin

Phpmyadmin

= 2.11.5.1
📦
Phpmyadmin

Phpmyadmin

= 2.11.5.2
📦
Phpmyadmin

Phpmyadmin

= 2.11.5rc1
📦
Phpmyadmin

Phpmyadmin

= 2.11.6
📦
Phpmyadmin

Phpmyadmin

= 2.11.6
📦
Phpmyadmin

Phpmyadmin

= 2.11.6.0
📦
Phpmyadmin

Phpmyadmin

= 2.11.6rc1
📦
Phpmyadmin

Phpmyadmin

= 2.11.7
📦
Phpmyadmin

Phpmyadmin

= 2.11.7.0
📦
Phpmyadmin

Phpmyadmin

= 2.11.8
📦
Phpmyadmin

Phpmyadmin

= 2.11.9
📦
Phpmyadmin

Phpmyadmin

= 2.11.9.0
📦
Phpmyadmin

Phpmyadmin

= 2.11.9.1
📦
Phpmyadmin

Phpmyadmin

= 2.11.9.2
📦
Phpmyadmin

Phpmyadmin

= 2.11.9.3
📦
Phpmyadmin

Phpmyadmin

= 2.11.9.4
📦
Phpmyadmin

Phpmyadmin

= 2.11.9.5
📦
Phpmyadmin

Phpmyadmin

= 2.11.9.6

References & Advisories

🔗 http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00007.html
🔗 http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/QA_2_11/phpMyAdmin/libraries/File.class.php?r1=11528&r2=11527&pathrev=11528
🔗 http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin?view=rev&revision=11528
🔗 http://secunia.com/advisories/38211
🔗 http://secunia.com/advisories/39503
🔗 http://www.debian.org/security/2010/dsa-2034
🔗 http://www.phpmyadmin.net/home_page/security/PMASA-2010-2.php
🔗 http://www.securityfocus.com/bid/37826

関連する脆弱性情報

CVE-2007-020310.0

Multiple unspecified vulnerabilities in phpMyAdmin before 2.9.2-rc1 have unknown impact and attack vectors.

CVE-2008-725110.0

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknow...

CVE-2004-114710.0

phpMyAdmin 2.6.0-pl2, and other versions before 2.6.1, with external transformations enabled, allows remote attackers to execute a...

CVE-2019-186229.8

An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack th...