CVE-2011-2718

N/A Unknown

Published: August 01, 2011 Modified: April 29, 2026

Description

Multiple directory traversal vulnerabilities in the relational schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote authenticated users to include and execute arbitrary local files via directory traversal sequences in an export type field, related to (1) libraries/schema/User_Schema.class.php and (2) schema_export.php.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063410.html

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063418.html

Source: secalert@redhat.com

http://osvdb.org/74111

Source: secalert@redhat.com

http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=3ae58f0cd6b89ad4767920f9b214c38d3f6d4393

Source: secalert@redhat.com

http://secunia.com/advisories/45365

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/45515

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2011:124

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2011/07/25/4

Source: secalert@redhat.com

Patch

http://www.openwall.com/lists/oss-security/2011/07/26/10

Source: secalert@redhat.com

Patch

http://www.phpmyadmin.net/home_page/security/PMASA-2011-11.php

Source: secalert@redhat.com

Patch Vendor Advisory

http://www.securityfocus.com/bid/48874

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=725383

Source: secalert@redhat.com

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/68768

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063410.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063418.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://osvdb.org/74111

Source: af854a3a-2127-422b-91ae-364da2661108

http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=3ae58f0cd6b89ad4767920f9b214c38d3f6d4393

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/45365

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/45515

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2011:124

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2011/07/25/4

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.openwall.com/lists/oss-security/2011/07/26/10

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.phpmyadmin.net/home_page/security/PMASA-2011-11.php

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://www.securityfocus.com/bid/48874

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=725383

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/68768

Source: af854a3a-2127-422b-91ae-364da2661108

26 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

1.7%

74th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-22

Affected Vendors

phpmyadmin

Related CVEs

CVE-2026-56414 7.2

CVE-2026-55975 7.2

CVE-2026-33560 7.1

CVE-2026-31928 8.1

CVE-2026-28701 9.8