CVE-2005-1392
phpMyAdmin 2.6.2 - Unprotected Credential Exposure via World-Readable SQL Install Script
Title source: llmDescription
The SQL install script in phpMyAdmin 2.6.2 is created with world-readable permissions, which allows local users to obtain the initial database password by reading the script.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/16053
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2005/0436
Issue Tracking x_refsource_confirm
http://bugs.gentoo.org/show_bug.cgi?id=88831
Vendor Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200504-30.xml
Scores
EPSS
0.0005
EPSS Percentile
16.2%
Details
Status
published
Products (1)
phpmyadmin/phpmyadmin
2.6.2
Published
May 03, 2005
Tracked Since
Feb 18, 2026