In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). A malicious user with access to the server could create a crafted username, and then trick the victim into performing specific actions with that user account (such as editing its privileges).
{"veracode": [{"lastseen": "2023-04-18T12:24:30", "description": "phpmyadmin is vulnerable to SQL injection. The vulnerability exists as the values of `username` was not sanitized in `libraries/classes/Server/Privileges.php` and `libraries/classes/UserPassword.php`.\n", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-03-24T07:10:31", "type": "veracode", "title": "SQL Injection", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10804"], "modified": "2022-11-16T07:03:50", "id": "VERACODE:22773", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-22773/summary", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2023-12-03T14:51:32", "description": "In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). A malicious user with access to the server could create a crafted username, and then trick the victim into performing specific actions with that user account (such as editing its privileges).", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-03-22T04:15:00", "type": "cve", "title": "CVE-2020-10804", "cwe": ["CWE-89"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10804"], "modified": "2023-11-07T03:14:00", "cpe": ["cpe:/o:fedoraproject:fedora:32", "cpe:/a:suse:package_hub:-", "cpe:/o:opensuse:leap:15.1", "cpe:/a:opensuse:backports_sle:15.0", "cpe:/o:fedoraproject:fedora:30", "cpe:/o:fedoraproject:fedora:31"], "id": "CVE-2020-10804", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10804", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*", "cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"]}], "debiancve": [{"lastseen": "2023-12-03T15:23:40", "description": "In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). A malicious user with access to the server could create a crafted username, and then trick the victim into performing specific actions with that user account (such as editing its privileges).", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-03-22T04:15:00", "type": "debiancve", "title": "CVE-2020-10804", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10804"], "modified": "2020-03-22T04:15:00", "id": "DEBIANCVE:CVE-2020-10804", "href": "https://security-tracker.debian.org/tracker/CVE-2020-10804", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "prion": [{"lastseen": "2023-11-22T01:13:28", "description": "In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). A malicious user with access to the server could create a crafted username, and then trick the victim into performing specific actions with that user account (such as editing its privileges).", "cvss3": {"cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}}, "published": "2020-03-22T04:15:00", "type": "prion", "title": "Sql injection", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10804"], "modified": "2023-11-07T03:14:00", "id": "PRION:CVE-2020-10804", "href": "https://www.prio-n.com/kb/vulnerability/CVE-2020-10804", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "phpmyadmin": [{"lastseen": "2023-12-03T16:53:16", "description": "## PMASA-2020-2\n\n**Announcement-ID:** PMASA-2020-2\n\n**Date:** 2020-03-20\n\n**Updated:** 2020-03-22\n\n### Summary\n\nSQL injection with processing username\n\n### Description\n\nAn SQL injection vulnerability was found in how phpMyAdmin retrieves the current username.\n\nA malicious user with access to the server could create a specially-crafted username and then trick the victim in to performing specific actions with that user account (such as editing its privileges).\n\nThis flaw also could generate server errors for users with certain characters who try to change their MySQL passwords.\n\n### Severity\n\nBecause of the specific steps required to exploit this, we consider this vulnerability to be of moderate severity\n\n### Affected Versions\n\nphpMyAdmin 4.9.x releases prior to 4.9.5 and the 5.0.x releases prior to 5.0.2 are affected.\n\n### Solution\n\nUpgrade to phpMyAdmin 4.9.5 or 5.0.2 or newer or apply patch listed below.\n\n### References\n\nThanks to [hoangn144_VCS](<mailto:hoangnguyenatn@gmail.com>) and [bluebird](<https://github.com/blue-bird1>) for reporting these vulnerabilities.\n\nAssigned CVE ids: [CVE-2020-10804](<https://vulners.com/cve/CVE-2020-10804>)\n\nCWE ids: [CWE-661](<https://cwe.mitre.org/data/definitions/661.html>)\n\n### Patches\n\nThe following commits have been made to fix this issue:\n\n * [89fbcd7c39e6b3979cdb2f64aa4cd5f4db27eaad](<https://github.com/phpmyadmin/phpmyadmin/commit/89fbcd7c39e6b3979cdb2f64aa4cd5f4db27eaad>)\n * [3258978c38bee8cb4b99f249dffac9c8aaea2d80](<https://github.com/phpmyadmin/phpmyadmin/commit/3258978c38bee8cb4b99f249dffac9c8aaea2d80>)\n\n### More information\n\nFor further information and in case of questions, please contact the phpMyAdmin team. Our website is [ phpmyadmin.net](<https://www.phpmyadmin.net/>). \n", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-03-20T00:00:00", "type": "phpmyadmin", "title": "SQL injection with processing username", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10804"], "modified": "2020-03-22T00:00:00", "id": "PHPMYADMIN:PMASA-2020-2", "href": "https://www.phpmyadmin.net/security/PMASA-2020-2/", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2023-12-03T14:06:52", "description": "In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection\nvulnerability was found in retrieval of the current username (in\nlibraries/classes/Server/Privileges.php and\nlibraries/classes/UserPassword.php). A malicious user with access to the\nserver could create a crafted username, and then trick the victim into\nperforming specific actions with that user account (such as editing its\nprivileges).\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=954667>\n", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-03-22T00:00:00", "type": "ubuntucve", "title": "CVE-2020-10804", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10804"], "modified": "2020-03-22T00:00:00", "id": "UB:CVE-2020-10804", "href": "https://ubuntu.com/security/CVE-2020-10804", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2020-03-27T16:37:36", "description": "phpMyAdmin is prone to multiple SQL injection vulnerabilities.", "cvss3": {}, "published": "2020-03-23T00:00:00", "type": "openvas", "title": "phpMyAdmin < 4.9.5, 5.x < 5.0.2 Multiple SQL Injection Vulnerabilities - PMASA-2020-2, PMSA-2020-3, PMSA-2020-4 (Linux)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10804", "CVE-2020-10802", "CVE-2020-10803"], "modified": "2020-03-26T00:00:00", "id": "OPENVAS:1361412562310112715", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310112715", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:phpmyadmin:phpmyadmin\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.112715\");\n script_version(\"2020-03-26T07:22:55+0000\");\n script_tag(name:\"last_modification\", value:\"2020-03-26 07:22:55 +0000 (Thu, 26 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-23 11:00:00 +0000 (Mon, 23 Mar 2020)\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n\n script_cve_id(\"CVE-2020-10802\", \"CVE-2020-10803\", \"CVE-2020-10804\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"phpMyAdmin < 4.9.5, 5.x < 5.0.2 Multiple SQL Injection Vulnerabilities - PMASA-2020-2, PMSA-2020-3, PMSA-2020-4 (Linux)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_phpmyadmin_detect_900129.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"phpMyAdmin/installed\", \"Host/runs_unixoide\");\n\n script_tag(name:\"summary\", value:\"phpMyAdmin is prone to multiple SQL injection vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The following SQL injection vulnerabilities exist:\n\n - An SQL injection vulnerability was found in how phpMyAdmin retrieves the current username\n\n - An SQL injection vulnerability has been discovered where certain parameters are not properly\n escaped when generating certain queries for search actions within phpMyAdmin\n\n - An SQL injection vulnerability was discovered where malicious code could be used to trigger\n an XSS attack through retrieving and displaying results.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation would allow an attacker to:\n\n - create a specially-crafted username and then trick the victim in to performing specific\n actions with that user account (such as editing its privileges)\n\n - generate specially-crafted database or table names\n\n - insert specially-crafted data in to certain database tables, which when retrieved\n (for instance, through the Browse tab) can trigger an XSS attack\");\n\n script_tag(name:\"affected\", value:\"phpMyAdmin prior to version 4.9.5 and 5.x prior to 5.0.2.\");\n\n script_tag(name:\"solution\", value:\"Update to version 4.9.5, 5.0.2 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.phpmyadmin.net/security/PMASA-2020-2/\");\n script_xref(name:\"URL\", value:\"https://www.phpmyadmin.net/security/PMASA-2020-3/\");\n script_xref(name:\"URL\", value:\"https://www.phpmyadmin.net/security/PMASA-2020-4/\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!port = get_app_port(cpe: CPE))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif(version_is_less(version: version, test_version: \"4.9.5\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"4.9.5\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif(version =~ \"^5\\.\" && version_is_less(version: version, test_version: \"5.0.2\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"5.0.2\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-04-15T14:53:52", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-03T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for phpMyAdmin (FEDORA-2020-d7b0a5a84a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10804", "CVE-2020-10802", "CVE-2020-10803"], "modified": "2020-04-07T00:00:00", "id": "OPENVAS:1361412562310877655", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877655", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877655\");\n script_version(\"2020-04-07T12:33:10+0000\");\n script_cve_id(\"CVE-2020-10804\", \"CVE-2020-10803\", \"CVE-2020-10802\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-07 12:33:10 +0000 (Tue, 07 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-03 03:17:45 +0000 (Fri, 03 Apr 2020)\");\n script_name(\"Fedora: Security Advisory for phpMyAdmin (FEDORA-2020-d7b0a5a84a)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2020-d7b0a5a84a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'phpMyAdmin'\n package(s) announced via the FEDORA-2020-d7b0a5a84a advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"phpMyAdmin is a tool written in PHP intended to handle the administration of\nMySQL over the Web. Currently it can create and drop databases,\ncreate/drop/alter tables, delete/edit/add fields, execute any SQL statement,\nmanage keys on fields, manage privileges, export data into various formats and\nis available in 50 languages\");\n\n script_tag(name:\"affected\", value:\"'phpMyAdmin' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"phpMyAdmin\", rpm:\"phpMyAdmin~5.0.2~1.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-04-15T14:48:51", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-03T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for phpMyAdmin (FEDORA-2020-25f3aea389)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10804", "CVE-2020-10802", "CVE-2020-10803"], "modified": "2020-04-07T00:00:00", "id": "OPENVAS:1361412562310877659", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877659", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877659\");\n script_version(\"2020-04-07T12:33:10+0000\");\n script_cve_id(\"CVE-2020-10804\", \"CVE-2020-10803\", \"CVE-2020-10802\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-07 12:33:10 +0000 (Tue, 07 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-03 03:17:51 +0000 (Fri, 03 Apr 2020)\");\n script_name(\"Fedora: Security Advisory for phpMyAdmin (FEDORA-2020-25f3aea389)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2020-25f3aea389\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'phpMyAdmin'\n package(s) announced via the FEDORA-2020-25f3aea389 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"phpMyAdmin is a tool written in PHP intended to handle the administration of\nMySQL over the World Wide Web. Most frequently used operations are supported\nby the user interface (managing databases, tables, fields, relations, indexes,\nusers, permissions), while you still have the ability to directly execute any\nSQL statement.\n\nFeatures include an intuitive web interface, support for most MySQL features\n(browse and drop databases, tables, views, fields and indexes, create, copy,\ndrop, rename and alter databases, tables, fields and indexes, maintenance\nserver, databases and tables, with proposals on server configuration, execute,\nedit and bookmark any SQL-statement, even batch-queries, manage MySQL users\nand privileges, manage stored procedures and triggers), import data from CSV\nand SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument Text\nand Spreadsheet, Word, Excel, LATEX and others, administering multiple servers,\ncreating PDF graphics of your database layout, creating complex queries using\nQuery-by-example (QBE), searching globally in a database or a subset of it,\ntransforming stored data into any format using a set of predefined functions,\nlike displaying BLOB-data as image or download-link and much more...\");\n\n script_tag(name:\"affected\", value:\"'phpMyAdmin' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"phpMyAdmin\", rpm:\"phpMyAdmin~4.9.5~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-03-27T16:37:36", "description": "phpMyAdmin is prone to multiple SQL injection vulnerabilities.", "cvss3": {}, "published": "2020-03-23T00:00:00", "type": "openvas", "title": "phpMyAdmin < 4.9.5, 5.x < 5.0.2 Multiple SQL Injection Vulnerabilities - PMASA-2020-2, PMSA-2020-3, PMSA-2020-4 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10804", "CVE-2020-10802", "CVE-2020-10803"], "modified": "2020-03-26T00:00:00", "id": "OPENVAS:1361412562310112714", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310112714", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:phpmyadmin:phpmyadmin\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.112714\");\n script_version(\"2020-03-26T07:22:55+0000\");\n script_tag(name:\"last_modification\", value:\"2020-03-26 07:22:55 +0000 (Thu, 26 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-23 11:00:00 +0000 (Mon, 23 Mar 2020)\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n\n script_cve_id(\"CVE-2020-10802\", \"CVE-2020-10803\", \"CVE-2020-10804\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"phpMyAdmin < 4.9.5, 5.x < 5.0.2 Multiple SQL Injection Vulnerabilities - PMASA-2020-2, PMSA-2020-3, PMSA-2020-4 (Windows)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Web application abuses\");\n script_dependencies(\"secpod_phpmyadmin_detect_900129.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"phpMyAdmin/installed\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"phpMyAdmin is prone to multiple SQL injection vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The following SQL injection vulnerabilities exist:\n\n - An SQL injection vulnerability was found in how phpMyAdmin retrieves the current username\n\n - An SQL injection vulnerability has been discovered where certain parameters are not properly\n escaped when generating certain queries for search actions within phpMyAdmin\n\n - An SQL injection vulnerability was discovered where malicious code could be used to trigger\n an XSS attack through retrieving and displaying results.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation would allow an attacker to:\n\n - create a specially-crafted username and then trick the victim in to performing specific\n actions with that user account (such as editing its privileges)\n\n - generate specially-crafted database or table names\n\n - insert specially-crafted data in to certain database tables, which when retrieved\n (for instance, through the Browse tab) can trigger an XSS attack\");\n\n script_tag(name:\"affected\", value:\"phpMyAdmin prior to version 4.9.5 and 5.x prior to 5.0.2.\");\n\n script_tag(name:\"solution\", value:\"Update to version 4.9.5, 5.0.2 or later.\");\n\n script_xref(name:\"URL\", value:\"https://www.phpmyadmin.net/security/PMASA-2020-2/\");\n script_xref(name:\"URL\", value:\"https://www.phpmyadmin.net/security/PMASA-2020-3/\");\n script_xref(name:\"URL\", value:\"https://www.phpmyadmin.net/security/PMASA-2020-4/\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!port = get_app_port(cpe: CPE))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif(version_is_less(version: version, test_version: \"4.9.5\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"4.9.5\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif(version =~ \"^5\\.\" && version_is_less(version: version, test_version: \"5.0.2\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"5.0.2\", install_path: location);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-04-15T14:43:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-03-30T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for phpMyAdmin (openSUSE-SU-2020:0405-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10804", "CVE-2020-10802", "CVE-2020-10803"], "modified": "2020-04-07T00:00:00", "id": "OPENVAS:1361412562310853091", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853091", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853091\");\n script_version(\"2020-04-07T12:33:10+0000\");\n script_cve_id(\"CVE-2020-10802\", \"CVE-2020-10803\", \"CVE-2020-10804\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-07 12:33:10 +0000 (Tue, 07 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-30 03:00:46 +0000 (Mon, 30 Mar 2020)\");\n script_name(\"openSUSE: Security Advisory for phpMyAdmin (openSUSE-SU-2020:0405-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0405-1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00048.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'phpMyAdmin'\n package(s) announced via the openSUSE-SU-2020:0405-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for phpMyAdmin to version 4.9.5 fixes the following issues:\n\n - phpmyadmin was updated to 4.9.5:\n\n - CVE-2020-10804: Fixed an SQL injection in the user accounts page,\n particularly when changing a password (boo#1167335 PMASA-2020-2).\n\n - CVE-2020-10802: Fixed an SQL injection in the search feature\n (boo#1167336 PMASA-2020-3).\n\n - CVE-2020-10803: Fixed an SQL injection and XSS when displaying results\n (boo#1167337 PMASA-2020-4).\n\n - Removed the 'options' field for the external transformation.\n\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-405=1\n\n - SUSE Package Hub for SUSE Linux Enterprise 12:\n\n zypper in -t patch openSUSE-2020-405=1\");\n\n script_tag(name:\"affected\", value:\"'phpMyAdmin' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"phpMyAdmin\", rpm:\"phpMyAdmin~4.9.5~lp151.2.15.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-04-15T14:49:45", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-04-03T00:00:00", "type": "openvas", "title": "Fedora: Security Advisory for phpMyAdmin (FEDORA-2020-e60ce63865)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10804", "CVE-2020-10802", "CVE-2020-10803"], "modified": "2020-04-07T00:00:00", "id": "OPENVAS:1361412562310877657", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877657", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877657\");\n script_version(\"2020-04-07T12:33:10+0000\");\n script_cve_id(\"CVE-2020-10804\", \"CVE-2020-10803\", \"CVE-2020-10802\");\n script_tag(name:\"cvss_base\", value:\"6.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-07 12:33:10 +0000 (Tue, 07 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-03 03:17:48 +0000 (Fri, 03 Apr 2020)\");\n script_name(\"Fedora: Security Advisory for phpMyAdmin (FEDORA-2020-e60ce63865)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC32\");\n\n script_xref(name:\"FEDORA\", value:\"2020-e60ce63865\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'phpMyAdmin'\n package(s) announced via the FEDORA-2020-e60ce63865 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"phpMyAdmin is a tool written in PHP intended to handle the administration of\nMySQL over the Web. Currently it can create and drop databases,\ncreate/drop/alter tables, delete/edit/add fields, execute any SQL statement,\nmanage keys on fields, manage privileges, export data into various formats and\nis available in 50 languages\");\n\n script_tag(name:\"affected\", value:\"'phpMyAdmin' package(s) on Fedora 32.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC32\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"phpMyAdmin\", rpm:\"phpMyAdmin~5.0.2~2.fc32\", rls:\"FC32\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2021-07-28T14:46:51", "description": "phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats a nd is available in 50 languages ", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.0, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-04-01T16:34:42", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: phpMyAdmin-5.0.2-2.fc32", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10802", "CVE-2020-10803", "CVE-2020-10804"], "modified": "2020-04-01T16:34:42", "id": "FEDORA:333716076F52", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, index es, users, permissions), while you still have the ability to directly execute a ny SQL statement. Features include an intuitive web interface, support for most MySQL features (browse and drop databases, tables, views, fields and indexes, create, copy, drop, rename and alter databases, tables, fields and indexes, maintenance server, databases and tables, with proposals on server configuration, execu te, edit and bookmark any SQL-statement, even batch-queries, manage MySQL users and privileges, manage stored procedures and triggers), import data from CSV and SQL, export data to various formats: CSV, SQL, XML, PDF, OpenDocument T ext and Spreadsheet, Word, Excel, LATEX and others, administering multiple serv ers, creating PDF graphics of your database layout, creating complex queries usi ng Query-by-example (QBE), searching globally in a database or a subset of it, transforming stored data into any format using a set of predefined function s, like displaying BLOB-data as image or download-link and much more... ", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.0, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-04-01T02:36:27", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: phpMyAdmin-4.9.5-1.fc30", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10802", "CVE-2020-10803", "CVE-2020-10804"], "modified": "2020-04-01T02:36:27", "id": "FEDORA:5B91660DF3BF", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:46:51", "description": "phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats a nd is available in 50 languages ", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.0, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-04-01T01:55:57", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: phpMyAdmin-5.0.2-1.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10802", "CVE-2020-10803", "CVE-2020-10804"], "modified": "2020-04-01T01:55:57", "id": "FEDORA:23A536040AE0", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-05-18T14:59:03", "description": "The **phpMyAdmin** team announces the release of both **4.9.5** and\n**5.0.2**.\n\nBoth versions contain several security fixes :\n\n - PMASA-2020-2 SQL injection vulnerability in the user accounts page, particularly when changing a password\n\n - PMASA-2020-3 SQL injection vulnerability relating to the search feature\n\n - PMASA-2020-4 SQL injection and XSS having to do with displaying results\n\n - Removing of the 'options' field for the external transformation.\n\nThere are many other bugs fixes, please see the ChangeLog file included with this release for full details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-04-02T00:00:00", "type": "nessus", "title": "Fedora 31 : phpMyAdmin (2020-d7b0a5a84a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10802", "CVE-2020-10803", "CVE-2020-10804"], "modified": "2020-04-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:phpmyadmin", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2020-D7B0A5A84A.NASL", "href": "https://www.tenable.com/plugins/nessus/135107", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-d7b0a5a84a.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135107);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/06\");\n\n script_cve_id(\"CVE-2020-10802\", \"CVE-2020-10803\", \"CVE-2020-10804\");\n script_xref(name:\"FEDORA\", value:\"2020-d7b0a5a84a\");\n\n script_name(english:\"Fedora 31 : phpMyAdmin (2020-d7b0a5a84a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The **phpMyAdmin** team announces the release of both **4.9.5** and\n**5.0.2**.\n\nBoth versions contain several security fixes :\n\n - PMASA-2020-2 SQL injection vulnerability in the user\n accounts page, particularly when changing a password\n\n - PMASA-2020-3 SQL injection vulnerability relating to the\n search feature\n\n - PMASA-2020-4 SQL injection and XSS having to do with\n displaying results\n\n - Removing of the 'options' field for the external\n transformation.\n\nThere are many other bugs fixes, please see the ChangeLog file\nincluded with this release for full details.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-d7b0a5a84a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"phpMyAdmin-5.0.2-1.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:13:33", "description": "According to its self-reported version, the phpMyAdmin application hosted on the remote web server is 4.9.x prior to 4.9.5 or 5.0.x prior to 5.0.2. It is, therefore, affected by multiple vulnerabilities.\n\n - In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). A malicious user with access to the server could create a crafted username, and then trick the victim into performing specific actions with that user account (such as editing its privileges). (CVE-2020-10804)\n\n - In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a crafted database or table name. The attack can be performed if a user attempts certain search operations on the malicious database or table. (CVE-2020-10802)\n\n - In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must be able to insert crafted data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger the XSS attack. (CVE-2020-10803)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-12-30T00:00:00", "type": "nessus", "title": "phpMyAdmin 4.9.0 < 4.9.5 / 5.0.0 < 5.0.2 Multiple Vulnerabilities (PMASA-2020-2, PMASA-2020-3, PMASA-2020-4)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10802", "CVE-2020-10803", "CVE-2020-10804"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:phpmyadmin:phpmyadmin"], "id": "PHPMYADMIN_PMASA_5_0_2.NASL", "href": "https://www.tenable.com/plugins/nessus/144646", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(144646);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2020-10802\", \"CVE-2020-10803\", \"CVE-2020-10804\");\n\n script_name(english:\"phpMyAdmin 4.9.0 < 4.9.5 / 5.0.0 < 5.0.2 Multiple Vulnerabilities (PMASA-2020-2, PMASA-2020-3, PMASA-2020-4)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server hosts a PHP application that is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version, the phpMyAdmin application hosted on the remote web server is 4.9.x prior to\n4.9.5 or 5.0.x prior to 5.0.2. It is, therefore, affected by multiple vulnerabilities.\n\n - In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval\n of the current username (in libraries/classes/Server/Privileges.php and\n libraries/classes/UserPassword.php). A malicious user with access to the server could create a crafted\n username, and then trick the victim into performing specific actions with that user account (such as\n editing its privileges). (CVE-2020-10804)\n\n - In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered\n where certain parameters are not properly escaped when generating certain queries for search actions in\n libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a crafted database\n or table name. The attack can be performed if a user attempts certain search operations on the malicious\n database or table. (CVE-2020-10802)\n\n - In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where\n malicious code could be used to trigger an XSS attack through retrieving and displaying results (in\n tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must be able to insert crafted\n data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger\n the XSS attack. (CVE-2020-10803)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.phpmyadmin.net/security/PMASA-2020-2/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.phpmyadmin.net/security/PMASA-2020-3/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.phpmyadmin.net/security/PMASA-2020-4/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to phpMyAdmin version 4.9.5 / 5.0.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10802\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(661);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/30\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:phpmyadmin:phpmyadmin\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"phpMyAdmin_detect.nasl\");\n script_require_keys(\"www/PHP\", \"installed_sw/phpMyAdmin\", \"Settings/ParanoidReport\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude('vcf.inc');\ninclude('http.inc');\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nport = get_http_port(default:80, php:TRUE);\n\napp_info = vcf::get_app_info(app:'phpMyAdmin', port:port, webapp:TRUE);\n\nconstraints = [\n { 'min_version' : '4.9.0', 'fixed_version' : '4.9.5' },\n { 'min_version' : '5.0.0', 'fixed_version' : '5.0.2' }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING, flags:{sqli:TRUE});\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-21T14:16:53", "description": "This update for phpMyAdmin to version 4.9.5 fixes the following issues :\n\n - phpmyadmin was updated to 4.9.5 :\n\n - CVE-2020-10804: Fixed a SQL injection in the user accounts page, particularly when changing a password (boo#1167335 PMASA-2020-2).\n\n - CVE-2020-10802: Fixed a SQL injection in the search feature (boo#1167336 PMASA-2020-3).\n\n - CVE-2020-10803: Fixed a SQL injection and XSS when displaying results (boo#1167337 PMASA-2020-4).\n\n - Removed the 'options' field for the external transformation.", "cvss3": {}, "published": "2020-03-30T00:00:00", "type": "nessus", "title": "openSUSE Security Update : phpMyAdmin (openSUSE-2020-405)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10802", "CVE-2020-10803", "CVE-2020-10804"], "modified": "2020-04-02T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:phpmyadmin", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-405.NASL", "href": "https://www.tenable.com/plugins/nessus/135008", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-405.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135008);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/02\");\n\n script_cve_id(\"CVE-2020-10802\", \"CVE-2020-10803\", \"CVE-2020-10804\");\n\n script_name(english:\"openSUSE Security Update : phpMyAdmin (openSUSE-2020-405)\");\n script_summary(english:\"Check for the openSUSE-2020-405 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for phpMyAdmin to version 4.9.5 fixes the following \nissues :\n\n - phpmyadmin was updated to 4.9.5 :\n\n - CVE-2020-10804: Fixed a SQL injection in the user\n accounts page, particularly when changing a password\n (boo#1167335 PMASA-2020-2).\n\n - CVE-2020-10802: Fixed a SQL injection in the search\n feature (boo#1167336 PMASA-2020-3).\n\n - CVE-2020-10803: Fixed a SQL injection and XSS when\n displaying results (boo#1167337 PMASA-2020-4).\n\n - Removed the 'options' field for the external\n transformation.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1167335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1167336\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1167337\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"phpMyAdmin-4.9.5-lp151.2.15.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:58:16", "description": "The **phpMyAdmin** team announces the release of both **4.9.5** and\n**5.0.2**.\n\nBoth versions contain several security fixes :\n\n - PMASA-2020-2 SQL injection vulnerability in the user accounts page, particularly when changing a password\n\n - PMASA-2020-3 SQL injection vulnerability relating to the search feature\n\n - PMASA-2020-4 SQL injection and XSS having to do with displaying results\n\n - Removing of the 'options' field for the external transformation.\n\nThere are many other bugs fixes, please see the ChangeLog file included with this release for full details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-04-02T00:00:00", "type": "nessus", "title": "Fedora 30 : phpMyAdmin (2020-25f3aea389)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10802", "CVE-2020-10803", "CVE-2020-10804"], "modified": "2020-04-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:phpmyadmin", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2020-25F3AEA389.NASL", "href": "https://www.tenable.com/plugins/nessus/135104", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-25f3aea389.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135104);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/06\");\n\n script_cve_id(\"CVE-2020-10802\", \"CVE-2020-10803\", \"CVE-2020-10804\");\n script_xref(name:\"FEDORA\", value:\"2020-25f3aea389\");\n\n script_name(english:\"Fedora 30 : phpMyAdmin (2020-25f3aea389)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The **phpMyAdmin** team announces the release of both **4.9.5** and\n**5.0.2**.\n\nBoth versions contain several security fixes :\n\n - PMASA-2020-2 SQL injection vulnerability in the user\n accounts page, particularly when changing a password\n\n - PMASA-2020-3 SQL injection vulnerability relating to the\n search feature\n\n - PMASA-2020-4 SQL injection and XSS having to do with\n displaying results\n\n - Removing of the 'options' field for the external\n transformation.\n\nThere are many other bugs fixes, please see the ChangeLog file\nincluded with this release for full details.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-25f3aea389\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"phpMyAdmin-4.9.5-1.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:24:37", "description": "This update for phpMyAdmin fixes the following issues :\n\nphpMyAdmin was updated to 4.9.7 (boo#1177842) :\n\n - Fix two factor authentication that was broken in 4.9.6\n\n - Fix incompatibilities with older PHP versions\n\nUpdate to 4.9.6 :\n\n - Fixed XSS relating to the transformation feature (boo#1177561 CVE-2020-26934, PMASA-2020-5)\n\n - Fixed SQL injection vulnerability in SearchController (boo#1177562 CVE-2020-26935, PMASA-2020-6) \n\nUpdate to 4.9.5 :\n\nThis is a security release containing several bug fixes.\n\n - CVE-2020-10804: SQL injection vulnerability in the user accounts page, particularly when changing a password (boo#1167335, PMASA-2020-2)\n\n - CVE-2020-10802: SQL injection vulnerability relating to the search feature (boo#1167336, PMASA-2020-3)\n\n - CVE-2020-10803: SQL injection and XSS having to do with displaying results (boo#1167337, PMASA-2020-4)\n\n - Removing of the 'options' field for the external transformation.", "cvss3": {}, "published": "2020-11-06T00:00:00", "type": "nessus", "title": "openSUSE Security Update : phpMyAdmin (openSUSE-2020-1806)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10802", "CVE-2020-10803", "CVE-2020-10804", "CVE-2020-26934", "CVE-2020-26935"], "modified": "2020-11-20T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:phpmyadmin", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-1806.NASL", "href": "https://www.tenable.com/plugins/nessus/142572", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-1806.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(142572);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/20\");\n\n script_cve_id(\"CVE-2020-10802\", \"CVE-2020-10803\", \"CVE-2020-10804\", \"CVE-2020-26934\", \"CVE-2020-26935\");\n\n script_name(english:\"openSUSE Security Update : phpMyAdmin (openSUSE-2020-1806)\");\n script_summary(english:\"Check for the openSUSE-2020-1806 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for phpMyAdmin fixes the following issues :\n\nphpMyAdmin was updated to 4.9.7 (boo#1177842) :\n\n - Fix two factor authentication that was broken in 4.9.6\n\n - Fix incompatibilities with older PHP versions\n\nUpdate to 4.9.6 :\n\n - Fixed XSS relating to the transformation feature\n (boo#1177561 CVE-2020-26934, PMASA-2020-5)\n\n - Fixed SQL injection vulnerability in SearchController\n (boo#1177562 CVE-2020-26935, PMASA-2020-6) \n\nUpdate to 4.9.5 :\n\nThis is a security release containing several bug fixes.\n\n - CVE-2020-10804: SQL injection vulnerability in the user\n accounts page, particularly when changing a password\n (boo#1167335, PMASA-2020-2)\n\n - CVE-2020-10802: SQL injection vulnerability relating to\n the search feature (boo#1167336, PMASA-2020-3)\n\n - CVE-2020-10803: SQL injection and XSS having to do with\n displaying results (boo#1167337, PMASA-2020-4)\n\n - Removing of the 'options' field for the external\n transformation.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1167335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1167336\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1167337\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1177561\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1177562\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1177842\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected phpMyAdmin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-26935\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:phpMyAdmin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"phpMyAdmin-4.9.7-lp151.2.24.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"phpMyAdmin\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-10-21T15:38:52", "description": "The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4639-1 advisory.\n\n - Cross-site scripting (XSS) vulnerability in db_central_columns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. (CVE-2018-7260)\n\n - An attacker can exploit phpMyAdmin before 4.8.4 to leak the contents of a local file because of an error in the transformation feature. The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created in any database to which the attacker has access. An attacker must have valid credentials to log in to phpMyAdmin; this vulnerability does not allow an attacker to circumvent the login system. (CVE-2018-19968)\n\n - In phpMyAdmin before 4.8.4, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted database/table name. (CVE-2018-19970)\n\n - An issue was discovered in phpMyAdmin before 4.8.5. A vulnerability was reported where a specially crafted username can be used to trigger a SQL injection attack through the designer feature. (CVE-2019-6798)\n\n - An issue was discovered in phpMyAdmin before 4.8.5. When the AllowArbitraryServer configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. This is related to the mysql.allow_local_infile PHP configuration, and the inadvertent ignoring of options(MYSQLI_OPT_LOCAL_INFILE calls. (CVE-2019-6799)\n\n - An issue was discovered in phpMyAdmin before 4.9.0.1. A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature.\n (CVE-2019-11768)\n\n - An issue was discovered in phpMyAdmin before 4.9.0. A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken tag pointing at the victim's phpMyAdmin database, and the attacker can potentially deliver a payload (such as a specific INSERT or DELETE statement) to the victim. (CVE-2019-12616)\n\n - In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page.\n An attacker must have a valid MySQL account to access the server. (CVE-2020-5504)\n\n - In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a crafted database or table name. The attack can be performed if a user attempts certain search operations on the malicious database or table. (CVE-2020-10802)\n\n - In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must be able to insert crafted data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger the XSS attack. (CVE-2020-10803)\n\n - In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). A malicious user with access to the server could create a crafted username, and then trick the victim into performing specific actions with that user account (such as editing its privileges). (CVE-2020-10804)\n\n - phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the transformation feature via a crafted link. (CVE-2020-26934)\n\n - An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. A SQL injection vulnerability was discovered in how phpMyAdmin processes SQL statements in the search feature.\n An attacker could use this flaw to inject malicious SQL in to a query. (CVE-2020-26935)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-11-19T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS : phpMyAdmin vulnerabilities (USN-4639-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19968", "CVE-2018-19970", "CVE-2018-7260", "CVE-2019-11768", "CVE-2019-12616", "CVE-2019-19617", "CVE-2019-6798", "CVE-2019-6799", "CVE-2020-10802", "CVE-2020-10803", "CVE-2020-10804", "CVE-2020-26934", "CVE-2020-26935", "CVE-2020-5504"], "modified": "2023-10-21T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:phpmyadmin"], "id": "UBUNTU_USN-4639-1.NASL", "href": "https://www.tenable.com/plugins/nessus/143119", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4639-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143119);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/10/21\");\n\n script_cve_id(\n \"CVE-2018-7260\",\n \"CVE-2018-19968\",\n \"CVE-2018-19970\",\n \"CVE-2019-6798\",\n \"CVE-2019-6799\",\n \"CVE-2019-11768\",\n \"CVE-2019-12616\",\n \"CVE-2019-19617\",\n \"CVE-2020-5504\",\n \"CVE-2020-10802\",\n \"CVE-2020-10803\",\n \"CVE-2020-10804\",\n \"CVE-2020-26934\",\n \"CVE-2020-26935\"\n );\n script_bugtraq_id(\n 103099,\n 106178,\n 106181,\n 106727,\n 106736,\n 108617,\n 108619\n );\n script_xref(name:\"USN\", value:\"4639-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS : phpMyAdmin vulnerabilities (USN-4639-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe USN-4639-1 advisory.\n\n - Cross-site scripting (XSS) vulnerability in db_central_columns.php in phpMyAdmin before 4.7.8 allows\n remote authenticated users to inject arbitrary web script or HTML via a crafted URL. (CVE-2018-7260)\n\n - An attacker can exploit phpMyAdmin before 4.8.4 to leak the contents of a local file because of an error\n in the transformation feature. The attacker must have access to the phpMyAdmin Configuration Storage\n tables, although these can easily be created in any database to which the attacker has access. An attacker\n must have valid credentials to log in to phpMyAdmin; this vulnerability does not allow an attacker to\n circumvent the login system. (CVE-2018-19968)\n\n - In phpMyAdmin before 4.8.4, an XSS vulnerability was found in the navigation tree, where an attacker can\n deliver a payload to a user through a crafted database/table name. (CVE-2018-19970)\n\n - An issue was discovered in phpMyAdmin before 4.8.5. A vulnerability was reported where a specially crafted\n username can be used to trigger a SQL injection attack through the designer feature. (CVE-2019-6798)\n\n - An issue was discovered in phpMyAdmin before 4.8.5. When the AllowArbitraryServer configuration setting is\n set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the\n web server's user can access. This is related to the mysql.allow_local_infile PHP configuration, and the\n inadvertent ignoring of options(MYSQLI_OPT_LOCAL_INFILE calls. (CVE-2019-6799)\n\n - An issue was discovered in phpMyAdmin before 4.9.0.1. A vulnerability was reported where a specially\n crafted database name can be used to trigger an SQL injection attack through the designer feature.\n (CVE-2019-11768)\n\n - An issue was discovered in phpMyAdmin before 4.9.0. A vulnerability was found that allows an attacker to\n trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a\n broken tag pointing at the victim's phpMyAdmin database, and the attacker can potentially deliver a\n payload (such as a specific INSERT or DELETE statement) to the victim. (CVE-2019-12616)\n\n - In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A\n malicious user could inject custom SQL in place of their own username when creating queries to this page.\n An attacker must have a valid MySQL account to access the server. (CVE-2020-5504)\n\n - In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered\n where certain parameters are not properly escaped when generating certain queries for search actions in\n libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a crafted database\n or table name. The attack can be performed if a user attempts certain search operations on the malicious\n database or table. (CVE-2020-10802)\n\n - In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where\n malicious code could be used to trigger an XSS attack through retrieving and displaying results (in\n tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must be able to insert crafted\n data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger\n the XSS attack. (CVE-2020-10803)\n\n - In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval\n of the current username (in libraries/classes/Server/Privileges.php and\n libraries/classes/UserPassword.php). A malicious user with access to the server could create a crafted\n username, and then trick the victim into performing specific actions with that user account (such as\n editing its privileges). (CVE-2020-10804)\n\n - phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the transformation feature via a crafted\n link. (CVE-2020-26934)\n\n - An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. A SQL\n injection vulnerability was discovered in how phpMyAdmin processes SQL statements in the search feature.\n An attacker could use this flaw to inject malicious SQL in to a query. (CVE-2020-26935)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4639-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected phpmyadmin package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-26935\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/02/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:phpmyadmin\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('18.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '18.04', 'pkgname': 'phpmyadmin', 'pkgver': '4:4.6.6-5ubuntu0.5'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'phpmyadmin');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "suse": [{"lastseen": "2022-11-08T04:09:51", "description": "An update that fixes three vulnerabilities is now available.\n\nDescription:\n\n This update for phpMyAdmin to version 4.9.5 fixes the following issues:\n\n - phpmyadmin was updated to 4.9.5:\n\n - CVE-2020-10804: Fixed an SQL injection in the user accounts page,\n particularly when changing a password (boo#1167335 PMASA-2020-2).\n - CVE-2020-10802: Fixed an SQL injection in the search feature\n (boo#1167336 PMASA-2020-3).\n - CVE-2020-10803: Fixed an SQL injection and XSS when displaying results\n (boo#1167337 PMASA-2020-4).\n - Removed the \"options\" field for the external transformation.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-405=1\n\n - SUSE Package Hub for SUSE Linux Enterprise 12:\n\n zypper in -t patch openSUSE-2020-405=1", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-03-29T00:00:00", "type": "suse", "title": "Security update for phpMyAdmin (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10802", "CVE-2020-10803", "CVE-2020-10804"], "modified": "2020-03-29T00:00:00", "id": "OPENSUSE-SU-2020:0405-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ICBXT6ESNRKRDUZETXK2EZFWSC6R5WPM/", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-11-08T04:09:51", "description": "An update that fixes three vulnerabilities is now available.\n\nDescription:\n\n This update for phpMyAdmin to version 4.9.5 fixes the following issues:\n\n - phpmyadmin was updated to 4.9.5:\n\n - CVE-2020-10804: Fixed an SQL injection in the user accounts page,\n particularly when changing a password (boo#1167335 PMASA-2020-2).\n - CVE-2020-10802: Fixed an SQL injection in the search feature\n (boo#1167336 PMASA-2020-3).\n - CVE-2020-10803: Fixed an SQL injection and XSS when displaying results\n (boo#1167337 PMASA-2020-4).\n - Removed the \"options\" field for the external transformation.\n\n This update was imported from the openSUSE:Leap:15.1:Update update project.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Backports SLE-15-SP1:\n\n zypper in -t patch openSUSE-2020-427=1", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-03-31T00:00:00", "type": "suse", "title": "Security update for phpMyAdmin (moderate)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10802", "CVE-2020-10803", "CVE-2020-10804"], "modified": "2020-03-31T00:00:00", "id": "OPENSUSE-SU-2020:0427-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/SCTHN34UUFD4SUA5QZOA62C63LIEO2ML/", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-11-06T17:59:05", "description": "An update that solves 5 vulnerabilities and has one errata\n is now available.\n\nDescription:\n\n This update for phpMyAdmin fixes the following issues:\n\n phpMyAdmin was updated to 4.9.7 (boo#1177842):\n * Fix two factor authentication that was broken in 4.9.6\n * Fix incompatibilities with older PHP versions\n\n Update to 4.9.6:\n\n - Fixed XSS relating to the transformation feature (boo#1177561\n CVE-2020-26934, PMASA-2020-5)\n - Fixed SQL injection vulnerability in SearchController (boo#1177562\n CVE-2020-26935, PMASA-2020-6)\n\n Update to 4.9.5:\n\n This is a security release containing several bug fixes.\n\n * CVE-2020-10804: SQL injection vulnerability in the user accounts page,\n particularly when changing a password (boo#1167335, PMASA-2020-2)\n * CVE-2020-10802: SQL injection vulnerability relating to the search\n feature (boo#1167336, PMASA-2020-3)\n * CVE-2020-10803: SQL injection and XSS having to do with displaying\n results (boo#1167337, PMASA-2020-4)\n * Removing of the \"options\" field for the external transformation.\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-1806=1\n\n - openSUSE Backports SLE-15-SP1:\n\n zypper in -t patch openSUSE-2020-1806=1\n\n - openSUSE Backports SLE-15:\n\n zypper in -t patch openSUSE-2020-1806=1\n\n - SUSE Package Hub for SUSE Linux Enterprise 12:\n\n zypper in -t patch openSUSE-2020-1806=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-01T00:00:00", "type": "suse", "title": "Security update for phpMyAdmin (important)", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10802", "CVE-2020-10803", "CVE-2020-10804", "CVE-2020-26934", "CVE-2020-26935"], "modified": "2020-11-01T00:00:00", "id": "OPENSUSE-SU-2020:1806-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/POT4M47IIW7DMGD5HBEETVCX3HZSEE2J/", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "typo3": [{"lastseen": "2021-08-10T12:24:27", "description": "Multiple vulnerabilities have been found in the phpMyAdmin component.\n", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.0, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-05-12T00:00:00", "type": "typo3", "title": "SQL Injection in extension \"phpMyAdmin\" (phpmyadmin)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10802", "CVE-2020-10803", "CVE-2020-10804"], "modified": "2020-05-12T00:00:00", "id": "TYPO3-EXT-SA-2020-004", "href": "https://typo3.org/security/advisory/typo3-ext-sa-2020-004", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "mageia": [{"lastseen": "2023-12-03T17:33:22", "description": "Some SQL injections via table names and parameters were fixed. \n", "cvss3": {"exploitabilityScore": 2.1, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-04-01T04:56:57", "type": "mageia", "title": "Updated phpmyadmin packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.0, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10802", "CVE-2020-10803", "CVE-2020-10804"], "modified": "2020-04-01T04:56:57", "id": "MGASA-2020-0150", "href": "https://advisories.mageia.org/MGASA-2020-0150.html", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}}], "ubuntu": [{"lastseen": "2023-12-03T19:39:33", "description": "## Releases\n\n * Ubuntu 18.04 ESM\n\n## Packages\n\n * phpmyadmin \\- MySQL web administration tool\n\nIt was discovered that there was a bug in the way phpMyAdmin handles the \nphpMyAdmin Configuration Storage tables. An authenticated attacker could \nuse this vulnerability to cause phpmyAdmin to leak sensitive files. \n(CVE-2018-19968)\n\nIt was discovered that phpMyAdmin incorrectly handled user input. An \nattacker could possibly use this for an XSS attack. (CVE-2018-19970)\n\nIt was discovered that phpMyAdmin mishandled certain input. An attacker \ncould use this vulnerability to execute a cross-site scripting (XSS) attack \nvia a crafted URL. (CVE-2018-7260)\n\nIt was discovered that phpMyAdmin failed to sanitize certain input. An \nattacker could use this vulnerability to execute an SQL injection attack \nvia a specially crafted database name. (CVE-2019-11768)\n\nIt was discovered that phpmyadmin incorrectly handled some requests. An \nattacker could possibly use this to perform a CSRF attack. (CVE-2019-12616)\n\nIt was discovered that phpMyAdmin failed to sanitize certain input. An \nattacker could use this vulnerability to execute an SQL injection attack \nvia a specially crafted username. (CVE-2019-6798, CVE-2020-10804, \nCVE-2020-5504)\n\nIt was discovered that phpMyAdmin would allow sensitive files to be leaked \nif certain configuration options were set. An attacker could use this \nvulnerability to access confidential information. (CVE-2019-6799)\n\nIt was discovered that phpMyAdmin failed to sanitize certain input. An \nattacker could use this vulnerability to execute an SQL injection attack \nvia a specially crafted database or table name. (CVE-2020-10802)\n\nIt was discovered that phpMyAdmin did not properly handle data from the \ndatabase when displaying it. If an attacker were to insert specially- \ncrafted data into certain database tables, the attacker could execute a \ncross-site scripting (XSS) attack. (CVE-2020-10803)\n\nIt was discovered that phpMyAdmin was vulnerable to an XSS attack. If a \nvictim were to click on a crafted link, an attacker could run malicious \nJavaScript on the victim's system. (CVE-2020-26934)\n\nIt was discovered that phpMyAdmin did not properly handler certain SQL \nstatements in the search feature. An attacker could use this vulnerability \nto inject malicious SQL into a query. (CVE-2020-26935)\n\nIt was discovered that phpMyAdmin did not properly sanitize certain input. \nAn attacker could use this vulnerability to possibly execute an HTML injection \nor a cross-site scripting (XSS) attack. (CVE-2019-19617)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-19T00:00:00", "type": "ubuntu", "title": "phpMyAdmin vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-19968", "CVE-2018-19970", "CVE-2018-7260", "CVE-2019-11768", "CVE-2019-12616", "CVE-2019-19617", "CVE-2019-6798", "CVE-2019-6799", "CVE-2020-10802", "CVE-2020-10803", "CVE-2020-10804", "CVE-2020-26934", "CVE-2020-26935", "CVE-2020-5504"], "modified": "2020-11-19T00:00:00", "id": "USN-4639-1", "href": "https://ubuntu.com/security/notices/USN-4639-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}]}
CVE-2020-10804
