libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3

Title | Published | Views | Family |
---|---|---|---|
CVE-2011-2719 | 1 Aug 2011 19:00 | – | cvelist |
CVE-2011-2505 | 14 Jul 2011 23:00 | – | cvelist |
Sql injection | 1 Aug 2011 19:55 | – | prion |
Authentication flaw | 14 Jul 2011 23:55 | – | prion |
CVE-2011-2719 | 1 Aug 2011 19:55 | – | nvd |
CVE-2011-2505 | 14 Jul 2011 23:55 | – | nvd |
CVE-2011-2719 | 1 Aug 2011 19:55 | – | debiancve |
CVE-2011-2505 | 14 Jul 2011 23:55 | – | debiancve |
CVE-2011-2719 | 1 Aug 2011 00:00 | – | ubuntucve |
CVE-2011-2505 | 14 Jul 2011 00:00 | – | ubuntucve |

Parameter | Position | Path | Description | CWE |
---|---|---|---|---|
session_to_unset | query param | /libraries/auth/swekey/swekey.auth.lib.php | Allows remote attackers to modify the SESSION superglobal and inject arbitrary PHP code via a crafted query string. | CWE-20 |
_SESSION[ConfigFile][Servers][*/eval(getenv('HTTP_CODE'))/*][host] | query param | /libraries/auth/swekey/swekey.auth.lib.php | Allows remote attackers to modify the SESSION superglobal and inject arbitrary PHP code via a crafted query string. | CWE-20 |
submit_save | post body | /setup/config.php | Saves injected code into a configuration file, making it possible to execute injected PHP code. | CWE-20 |
token | post body | /setup/config.php | Saves injected code into a configuration file, making it possible to execute injected PHP code. | CWE-20 |
eval | query param | /config/config.inc.php | Executes arbitrary PHP code that was injected into the configuration file by accessing this endpoint. | CWE-20 |