CVE-2006-6944
phpMyAdmin < 2.9.1.1 - Remote Access Control Bypass via False Headers
Title source: llmDescription
phpMyAdmin before 2.9.1.1 allows remote attackers to bypass Allow/Deny access rules that use IP addresses via false headers.
References (4)
Core 4
Core References
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2006/4572
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/26733
Patch, Vendor Advisory x_refsource_confirm
http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2006-9
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.us.debian.org/security/2007/dsa-1370
Scores
EPSS
0.0036
EPSS Percentile
58.5%
Details
Status
published
Products (9)
phpmyadmin/phpmyadmin
2.9.0
phpmyadmin/phpmyadmin
2.9.0.1
phpmyadmin/phpmyadmin
2.9.0.2
phpmyadmin/phpmyadmin
2.9.0.3
phpmyadmin/phpmyadmin
2.9.0_beta1
phpmyadmin/phpmyadmin
2.9.0_rc1
phpmyadmin/phpmyadmin
2.9.1_rc1
phpmyadmin/phpmyadmin
2.9.1_rc2
phpmyadmin/phpmyadmin
< 2.9.1
Published
Jan 19, 2007
Tracked Since
Feb 18, 2026