Lucene search

GitHub Advisory DatabaseGHSA-V6FW-XF2C-8Q43

HistoryMay 17, 2022 - 5:34 a.m.

phpMyAdmin Open Redirect in redirector

2022-05-1705:34:37

CWE-601

GitHub Advisory Database

github.com

open redirect

phpmyadmin

vulnerability

remote attackers

phishing attacks

unspecified vectors

software

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

7.2

Confidence

Low

EPSS

0.002

Percentile

64.8%

JSON

Open redirect vulnerability in the redirector feature in phpMyAdmin 3.4.x before 3.4.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Affected configurations

Vulners

Node

phpmyadminphpmyadminRange3.4.0–3.4.1

VendorProductVersionCPE
phpmyadminphpmyadmin*cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
phpmyadmin	phpmyadmin	*	cpe:2.3:a:phpmyadmin:phpmyadmin::::::::

References

phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=b7a8179eb6bf0f1643970ac57a70b5b513a1cd4f

phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commitdiff;h=ecfc8ba4f7b4ea612c58ab5726054ed0f28e200d

www.phpmyadmin.net/home_page/security/PMASA-2011-4.php

github.com/advisories/GHSA-v6fw-xf2c-8q43

github.com/phpmyadmin/composer/commit/b7a8179eb6bf0f1643970ac57a70b5b513a1cd4f

github.com/phpmyadmin/composer/commit/ecfc8ba4f7b4ea612c58ab5726054ed0f28e200d

nvd.nist.gov/vuln/detail/CVE-2011-1941

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

7.2

Confidence

Low

EPSS

0.002

Percentile

64.8%

JSON

Related for GHSA-V6FW-XF2C-8Q43