Home > Vulnerability Database > CVE-2011-0986

Mend.io Vulnerability Database

CVE-2011-0986

Date: February 14, 2011

phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence of the (1) README, (2) ChangeLog, and (3) LICENSE files, which allows remote attackers to obtain the installation path via a direct request for a nonexistent file.

Language: PHP

Severity Score

5.3

Related Resources (11)

Url: http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054349.html

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/65424

Url: http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=035d002db1e1201e73e560d7d98591563b506a83

Url: http://www.vupen.com/english/advisories/2011/0385

Url: https://nvd.nist.gov/vuln/detail/CVE-2011-0986

Url: http://www.mandriva.com/security/advisories?name=MDVSA-2011:026

Url: http://www.phpmyadmin.net/home_page/security/PMASA-2011-1.php

Url: http://secunia.com/advisories/43478

Url: https://security-tracker.debian.org/tracker/CVE-2011-0986

Url: http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054355.html

Url: https://www.mend.io/vulnerability-database/CVE-2011-0986

Severity Score

5.3

Weakness Type (CWE)

Input Validation

CWE-20

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

CVSS v2

Base Score:	5.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	NONE
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2011-0986

Date: February 14, 2011

Language: PHP

Severity Score

Related Resources (11)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?