CVE-2008-7252
phpMyAdmin unsafely handles temporary files
EPSS 3.0%
Description
libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 uses predictable filenames for temporary files, which has unknown impact and attack vectors.
How to fix CVE-2008-7252
To remediate CVE-2008-7252, upgrade the affected package to a fixed version below.
- Debian/phpmyadmin—upgrade to 4:3.0.0-1 or later
- Packagist/phpmyadmin/phpmyadmin—upgrade to 2.11.10 or later
Is CVE-2008-7252 being exploited?
Low — EPSS is 3.0%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 4:3.0.0-1
- >= 2.11.0, < 2.11.10