Lucene search

Basic search
Lucene search
Search by product

Vendors

Products

FreeBSD06F9174F-190F-11DE-B2F0-001C2514716C

HistoryMar 24, 2009 - 12:00 a.m.

phpmyadmin -- insufficient output sanitizing when generating configuration file

2009-03-2400:00:00

vuxml.freebsd.org

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.806 High

EPSS

Percentile

98.3%

JSON

phpMyAdmin reports:

Setup script used to generate configuration can be fooled
using a crafted POST request to include arbitrary PHP code
in generated configuration file.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchphpmyadmin211< 2.11.9.5UNKNOWN
FreeBSDanynoarchphpmyadmin< 3.1.3.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	phpmyadmin211	< 2.11.9.5	UNKNOWN
FreeBSD	any	noarch	phpmyadmin	< 3.1.3.1	UNKNOWN

References

www.phpmyadmin.net/home_page/security/PMASA-2009-3.php

nessus 6

canvas 1

hackerone 1

checkpoint_advisories 1

prion 1

openvas 19

packetstorm 2

symantec 1

seebug 3

redhatcve 1

cisa_kev 1

attackerkb 1

metasploit 1

cve 1

phpmyadmin 1

d2 1

exploitpack 1

dsquare 1

myhack58 1

ubuntucve 1

nuclei 1

debiancve 1

exploitdb 2

osv 1

securityvulns 2

debian 1

gentoo 1

threatpost 1

talosblog 1

nessus

phpMyAdmin setup.php save Action Arbitrary PHP Code Injection (PMASA-2009-3)

2009-04-16 00:00:00

FreeBSD : phpmyadmin -- insufficient output sanitizing when generating configuration file (06f9174f-190f-11de-b2f0-001c2514716c)

2009-03-25 00:00:00

GLSA-200906-03 : phpMyAdmin: Multiple vulnerabilities

2009-06-30 00:00:00

canvas

Immunity Canvas: PHPMYADMIN_INJECTION

2009-03-26 14:30:00

hackerone

Mail.ru: PHP code injection at tz.mail.ru

2020-02-17 16:32:55

checkpoint_advisories

PHPMyAdmin Misconfiguration Remote Code Injection (CVE-2009-1151)

2014-02-23 00:00:00

prion

Code injection

2009-03-26 14:30:00

openvas

FreeBSD Ports: phpMyAdmin211

2009-03-31 00:00:00

FreeBSD Ports: phpMyAdmin211

2009-03-31 00:00:00

phpMyAdmin Code Injection and XSS Vulnerability

2009-03-26 00:00:00

packetstorm

phpMyAdmin /scripts/setup.php Code Injection

2009-06-10 00:00:00

PhpMyAdmin Config File Code Injection

2009-12-31 00:00:00

symantec

phpMyAdmin 'setup.php' PHP Code Injection Vulnerability

2009-03-25 00:00:00

seebug

phpMyAdmin (/scripts/setup.php) PHP Code Injection Exploit

2009-06-11 00:00:00

PhpMyAdmin Config File Code Injection

2014-07-01 00:00:00

phpMyAdmin setup.php脚本PHP代码注入漏洞

2009-06-19 00:00:00

redhatcve

CVE-2009-1151

2019-10-04 21:32:59

cisa_kev

phpMyAdmin Remote Code Execution Vulnerability

2022-03-25 00:00:00

attackerkb

CVE-2009-1151

2009-03-26 00:00:00

metasploit

PhpMyAdmin Config File Code Injection

2009-11-16 08:42:32

cve

CVE-2009-1151

2009-03-26 14:30:00

phpmyadmin

Insufficient output sanitizing when generating configuration file.

2009-03-24 00:00:00

DSquare Exploit Pack: D2SEC_PHPMYADMIN_RCE

2009-03-26 14:30:00

exploitpack

phpMyAdmin - scriptssetup.php PHP Code Injection

2009-06-09 00:00:00

dsquare

Phpmyadmin File Upload

2012-04-13 00:00:00

myhack58

CVE-2 0 0 9-1 1 5 1 phpMyadmin Remote Code Injection && Execution-vulnerability warning-the black bar safety net

2014-10-23 00:00:00

ubuntucve

CVE-2009-1151

2009-03-26 00:00:00

nuclei

PhpMyAdmin Scripts - Remote Code Execution

2021-04-14 12:04:59

debiancve

CVE-2009-1151

2009-03-26 14:30:00

exploitdb

phpMyAdmin - Config File Code Injection (Metasploit)

2010-07-03 00:00:00

phpMyAdmin - '/scripts/setup.php' PHP Code Injection

2009-06-09 00:00:00

osv

phpmyadmin - several vulnerabilities

2009-06-25 00:00:00

securityvulns

[SECURITY] [DSA 1824-1] New phpmyadmin packages fix several vulnerabilities

2009-06-26 00:00:00

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

2009-06-26 00:00:00

debian

[SECURITY] [DSA 1824-1] New phpmyadmin packages fix several vulnerabilities

2009-06-25 20:55:52

gentoo

phpMyAdmin: Multiple vulnerabilities

2009-06-29 00:00:00

threatpost

State-Sponsored DNS Hijacking Infiltrates 40 Firms Globally

2019-04-17 17:32:06

talosblog

DNS Hijacking Abuses Trust In Core Internet Service

2019-04-18 16:08:25

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.806 High

EPSS

Percentile

98.3%

JSON

Related for 06F9174F-190F-11DE-B2F0-001C2514716C