Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2009-1151HistoryMar 26, 2009 - 2:30 p.m.
CVE-2009-1151
2009-03-2614:30:00
Debian Security Bug Tracker
security-tracker.debian.org
14
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.806 High
EPSS
Percentile
98.3%
Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | phpmyadmin | <ย 4:3.1.3.1-1 | phpmyadmin_4:3.1.3.1-1_all.deb |
| Debian | 11 | all | phpmyadmin | <ย 4:3.1.3.1-1 | phpmyadmin_4:3.1.3.1-1_all.deb |
| Debian | 999 | all | phpmyadmin | <ย 4:3.1.3.1-1 | phpmyadmin_4:3.1.3.1-1_all.deb |
| Debian | 13 | all | phpmyadmin | <ย 4:3.1.3.1-1 | phpmyadmin_4:3.1.3.1-1_all.deb |
Related
nessus
nessus
phpMyAdmin setup.php save Action Arbitrary PHP Code Injection (PMASA-2009-3)
2009-04-16 00:00:00
FreeBSD : phpmyadmin -- insufficient output sanitizing when generating configuration file (06f9174f-190f-11de-b2f0-001c2514716c)
2009-03-25 00:00:00
GLSA-200906-03 : phpMyAdmin: Multiple vulnerabilities
2009-06-30 00:00:00
canvas
canvas
Immunity Canvas: PHPMYADMIN_INJECTION
2009-03-26 14:30:00
hackerone
hackerone
Mail.ru: PHP code injection at tz.mail.ru
2020-02-17 16:32:55
checkpoint_advisories
checkpoint_advisories
PHPMyAdmin Misconfiguration Remote Code Injection (CVE-2009-1151)
2014-02-23 00:00:00
prion
prion
Code injection
2009-03-26 14:30:00
openvas
openvas
FreeBSD Ports: phpMyAdmin211
2009-03-31 00:00:00
FreeBSD Ports: phpMyAdmin211
2009-03-31 00:00:00
phpMyAdmin Code Injection and XSS Vulnerability
2009-03-26 00:00:00
packetstorm
packetstorm
phpMyAdmin /scripts/setup.php Code Injection
2009-06-10 00:00:00
PhpMyAdmin Config File Code Injection
2009-12-31 00:00:00
symantec
symantec
phpMyAdmin 'setup.php' PHP Code Injection Vulnerability
2009-03-25 00:00:00
seebug
seebug
phpMyAdmin (/scripts/setup.php) PHP Code Injection Exploit
2009-06-11 00:00:00
PhpMyAdmin Config File Code Injection
2014-07-01 00:00:00
phpMyAdmin setup.php่ๆฌPHPไปฃ็ ๆณจๅ
ฅๆผๆด
2009-06-19 00:00:00
redhatcve
redhatcve
CVE-2009-1151
2019-10-04 21:32:59
attackerkb
attackerkb
CVE-2009-1151
2009-03-26 00:00:00
metasploit
metasploit
PhpMyAdmin Config File Code Injection
2009-11-16 08:42:32
phpmyadmin
phpmyadmin
Insufficient output sanitizing when generating configuration file.
2009-03-24 00:00:00
cve
cve
CVE-2009-1151
2009-03-26 14:30:00
cisa_kev
cisa_kev
phpMyAdmin Remote Code Execution Vulnerability
2022-03-25 00:00:00
d2
d2
DSquare Exploit Pack: D2SEC_PHPMYADMIN_RCE
2009-03-26 14:30:00
exploitpack
exploitpack
phpMyAdmin - scriptssetup.php PHP Code Injection
2009-06-09 00:00:00
dsquare
dsquare
Phpmyadmin File Upload
2012-04-13 00:00:00
myhack58
myhack58
ubuntucve
ubuntucve
CVE-2009-1151
2009-03-26 00:00:00
freebsd
freebsd
nuclei
nuclei
PhpMyAdmin Scripts - Remote Code Execution
2021-04-14 12:04:59
exploitdb
exploitdb
phpMyAdmin - Config File Code Injection (Metasploit)
2010-07-03 00:00:00
phpMyAdmin - '/scripts/setup.php' PHP Code Injection
2009-06-09 00:00:00
osv
osv
phpmyadmin - several vulnerabilities
2009-06-25 00:00:00
securityvulns
securityvulns
debian
debian
[SECURITY] [DSA 1824-1] New phpmyadmin packages fix several vulnerabilities
2009-06-25 20:55:52
gentoo
gentoo
phpMyAdmin: Multiple vulnerabilities
2009-06-29 00:00:00
threatpost
threatpost
State-Sponsored DNS Hijacking Infiltrates 40 Firms Globally
2019-04-17 17:32:06
talosblog
talosblog
DNS Hijacking Abuses Trust In Core Internet Service
2019-04-18 16:08:25
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.806 High
EPSS
Percentile
98.3%
Related for DEBIANCVE:CVE-2009-1151