CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
86.1%
phpMyAdmin security team reports:
It was possible to inject arbitrary SQL commands by forcing an
authenticated user to follow a crafted link.
Such issue is quite common in many PHP applications and users
should take care what links they follow. We consider these
vulnerabilities to be quite dangerous.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | phpmyadmin | < 2.8.1 | UNKNOWN |