Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-2hse-tgk7-zban
Vulnerability ID VCID-2hse-tgk7-zban
Aliases CVE-2005-3300
Summary The register_globals emulation layer in grab_globals.php for phpMyAdmin before 2.6.4-pl3 does not perform safety checks on values in the _FILES array for uploaded files, which allows remote attackers to include arbitrary files by using direct requests to library scripts that do not use grab_globals.php, then modifying certain configuration values for the theme.
Status Published
Exploitability 0.5
Weighted Severity 0.0
Risk None
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.0189 https://api.first.org/data/v1/epss?cve=CVE-2005-3300
epss 0.0189 https://api.first.org/data/v1/epss?cve=CVE-2005-3300
epss 0.0189 https://api.first.org/data/v1/epss?cve=CVE-2005-3300
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2005-3300
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3300
335306 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=335306
GLSA-200510-21 https://security.gentoo.org/glsa/200510-21
No exploits are available.
There are no known vectors.
Exploit Prediction Scoring System (EPSS)
Percentile 0.83531
EPSS Score 0.0189
Published At June 4, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-04T17:07:07.224290+00:00 Debian Importer Import https://security-tracker.debian.org/tracker/data/json 38.6.0