CVE-2006-5117

phpMyAdmin before 2.9.1-rc1 has a libraries directory under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information via direct requests for certain files.

Published: Oct 3, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-5117
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
phpmyadmin / phpmyadmin	2.8.1_dev	2.8.1_dev.x
phpmyadmin / phpmyadmin	2.8.3	2.8.3.x
phpmyadmin / phpmyadmin	2.8.0.2	2.8.0.2.x
phpmyadmin / phpmyadmin	2.9.0_dev	2.9.0_dev.x
phpmyadmin / phpmyadmin	2.8.0.1	2.8.0.1.x
phpmyadmin / phpmyadmin	2.8.1	2.8.1.x
phpmyadmin / phpmyadmin	2.8.0.3	2.8.0.3.x
phpmyadmin / phpmyadmin	2.8.4	2.8.4.x

http://lists.suse.com/archive/suse-security-announce/2006-Nov/0010.html
http://prdownloads.sourceforge.net/phpmyadmin/phpMyAdmin-2.9.1-rc1.tar.gz?download
http://secunia.com/advisories/22126
http://secunia.com/advisories/23086
http://www.securityfocus.com/bid/20253

Vulnerability Database

289,697

CVE-2006-5117