CVE-2018-25231 | HeidiSQL 9.5.0.5196 file path filename control (Exploit 45806 / EUVD-2018-21720)

A vulnerability classified as problematic was found in HeidiSQL 9.5.0.5196. Impacted is an unknown function. Executing a manipulation of the argument file path can lead to improper control of filename for include/require statement in php program (‘php remote file inclusion’).

This vulnerability is tracked as CVE-2018-25231. The attack is restricted to local execution. Moreover, an exploit is present.VulDB Recent EntriesRead More