Unrated severityNVD Advisory· Published Aug 1, 2011· Updated Jun 16, 2026
CVE-2011-2643
CVE-2011-2643
Description
Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before 3.4.3.2, when configuration storage is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a MIME-type transformation parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.0.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:phpmyadmin:phpmyadmin:3.4.3.1:*:*:*:*:*:*:*
- (no CPE)range: >=3.4, <3.4.3.2
Patches
Vulnerability mechanics
References
10- www.phpmyadmin.net/home_page/security/PMASA-2011-10.phpnvdPatchVendor Advisory
- bugzilla.redhat.com/show_bug.cginvdPatch
- secunia.com/advisories/45365nvdVendor Advisory
- lists.fedoraproject.org/pipermail/package-announce/2011-August/063410.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2011-August/063418.htmlnvd
- phpmyadmin.git.sourceforge.net/git/gitweb.cginvd
- secunia.com/advisories/45515nvd
- www.mandriva.com/security/advisoriesnvd
- www.securityfocus.com/bid/48874nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/68767nvd
News mentions
0No linked articles in our index yet.