2004-12-15 05:00:00
mitre
PUBLISHED
phpMyAdmin before 2.6.1, when configured with UploadDir functionality, allows remote attackers to read arbitrary files via the sql_localfile parameter.