HIGH🇵🇱 Wersja polska

CVE-2008-7252

CVSS 10.0v2.0pub. 2010-01-19upd. 2026-04-23

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 uses predictable filenames for temporary files, which has unknown impact and attack vectors.

CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • Phpmyadmin

    APP
    Phpmyadmin
    2.11.02.11.0.02.11.0beta12.11.0rc12.11.12.11.1.02.11.1.12.11.1.22.11.1rc12.11.22.11.2.02.11.2.12.11.2.22.11.32.11.3.0+ 23 więcej
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2009-1151CRITICAL9.8⚠ KEVten sam produkt

Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 a...

CVE-2020-22452CRITICAL9.8ten sam produkt

SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5...

CVE-2020-26935CRITICAL9.8ten sam produkt

An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. A SQL injection v...

CVE-2019-19617CRITICAL9.8ten sam produkt

phpMyAdmin before 4.9.2 does not escape certain Git information, related to libraries/classes/Display/GitRevis...

CVE-2019-18622CRITICAL9.8ten sam produkt

An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL...