CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
96.5%
The phpMyAdmin development team reports:
DoS vulnerability with long passwords.
With very long passwords it was possible to initiate a
denial of service attack on phpMyAdmin.
We consider this vulnerability to be serious.
This vulnerability can be mitigated by configuring
throttling in the webserver.
XSS vulnerability in redirection mechanism.
With a crafted URL it was possible to trigger an XSS in
the redirection mechanism in phpMyAdmin.
We consider this vulnerability to be non critical.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
FreeBSD | any | noarch | phpmyadmin | = 4.2.0 | UNKNOWN |
FreeBSD | any | noarch | phpmyadmin | < 4.2.13.1 | UNKNOWN |