CVE-2004-0129

Description

Directory traversal vulnerability in export.php in phpMyAdmin 2.5.5 and earlier allows remote attackers to read arbitrary files via .. (dot dot) sequences in the what parameter.

How to fix CVE-2004-0129

To remediate CVE-2004-0129, upgrade the affected package to a fixed version below.

• Debian/phpmyadmin—upgrade to 2:2.6.0-pl2 or later

Is CVE-2004-0129 being exploited?

Moderate — EPSS is 13.3%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (1)

• from 0, < 2:2.6.0-pl2

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2004-0129