Lucene search

K

Gentoo FoundationMGASA-2020-0033

HistoryJan 12, 2020 - 2:52 a.m.

Updated phpmyadmin packages fix security vulnerability

2020-01-1202:52:04

Gentoo Foundation

advisories.mageia.org

13

0.003 Low

EPSS

Percentile

70.7%

Updated phpmyadmin package fix security vulnerability: A SQL injection flaw has been discovered in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server (CVE-2020-5504).

OSVersionArchitecturePackageVersionFilename
Mageia7noarchphpmyadmin< 4.9.4-1phpmyadmin-4.9.4-1.mga7

References

bugs.mageia.org/show_bug.cgi?id=26036

www.phpmyadmin.net/news/2020/1/8/phpmyadmin-494-and-501-are-released/

www.phpmyadmin.net/security/PMASA-2020-1/

0.003 Low

EPSS

Percentile

70.7%

Related for MGASA-2020-0033

cvelist1 openvas6 phpmyadmin1 alpinelinux1 debian1 github1 nessus6 veracode1 ubuntucve1 osv6 debiancve1 freebsd1 friendsofphp1 cve1 prion1 symantec1 typo31 suse1 ubuntu2