Lucene search
GitHub Advisory DatabaseGHSA-X962-W72P-MV7QHistoryMay 17, 2022 - 5:07 a.m.
phpMyAdmin Global variables scope injection vulnerability
2022-05-1705:07:49
CWE-621
GitHub Advisory Database
github.com
10
phpmyadmin
global variables
scope
injection
vulnerability
import.php
software security
CVSS2
5.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
EPSS
0.001
Percentile
50.9%
import.php in phpMyAdmin 4.x before 4.0.4.1 does not properly restrict the ability of input data to specify a file format, which allows remote authenticated users to modify the GLOBALS superglobal array, and consequently change the configuration, via a crafted request.
Affected configurations
Node
phpmyadminphpmyadminRange4.0β4.0.4.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| phpmyadmin | phpmyadmin | * | cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:* |
Related
ubuntucve
ubuntucve
CVE-2013-4729
2013-07-04 00:00:00
cve
cve
CVE-2013-4729
2013-07-04 14:33:41
freebsd
freebsd
phpMyAdmin -- Global variable scope injection
2013-06-30 00:00:00
nessus
nessus
openvas
openvas
phpmyadmin
phpmyadmin
Global variable scope injection.
2013-06-30 00:00:00
osv
osv
phpMyAdmin Global variables scope injection vulnerability
2022-05-17 05:07:49
phpMyAdmin-4.6.5.2-1.1 on GA media
2024-06-15 00:00:00
prion
prion
Design/Logic Flaw
2013-07-04 14:33:00
seebug
seebug
phpMyAdmin <= 4.0.4.1 import.php GLOBALSει注ε
₯ζΌζ΄
2013-07-10 00:00:00
debiancve
debiancve
CVE-2013-4729
2013-07-04 14:33:41
nvd
nvd
CVE-2013-4729
2013-07-04 14:33:41
cvelist
cvelist
CVE-2013-4729
2013-07-04 10:00:00
CVSS2
5.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
EPSS
0.001
Percentile
50.9%
Related for GHSA-X962-W72P-MV7Q