5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.036 Low
EPSS
Percentile
91.6%
phpMyAdmin team reports:
We received a security advisory from Stefan Esser
([email protected]) and we wish to thank him for his
work.
It was possible to inject arbitrary SQL commands by
forcing an authenticated user to follow a crafted link.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | phpmyadmin | < 2.9.0.1 | UNKNOWN |