Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

phpMyAdmin 4.x < 4.8.5 Multiple Vulnerabilities (PMASA-2019-1) (PMASA-2019-2)

🗓️ 27 Mar 2019 00:00:00Reported by This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.Type 
nessus
 nessus🔗 www.tenable.com👁 510 Views

phpMyAdmin 4.x < 4.8.5 SQLi and File Read Vulnerabilitie

Show more
Related
Refs
Code
ReporterTitlePublishedViews
Family
Tenable Nessus		openSUSE Security Update : phpMyAdmin (openSUSE-2019-194)
19 Feb 201900:00
nessus
Tenable Nessus		phpMyAdmin 4.0 < 4.8.5 Multiple Vulnerabilities (PMASA-2019-1), (PMASA-2019-2)
16 Jul 201900:00
nessus
Tenable Nessus		Debian DLA-1692-1 : phpmyadmin security update
28 Feb 201900:00
nessus
Tenable Nessus		Fedora 29 : phpMyAdmin (2019-09ae31d880)
11 Feb 201900:00
nessus
Tenable Nessus		Fedora 28 : phpMyAdmin (2019-6cfd17b03d)
11 Feb 201900:00
nessus
Tenable Nessus		Ubuntu 18.04 LTS : phpMyAdmin vulnerabilities (USN-4639-1)
19 Nov 202000:00
nessus
Tenable Nessus		Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : phpMyAdmin vulnerabilities (USN-4843-1)
16 Oct 202300:00
nessus
RedhatCVE		CVE-2019-6799
20 May 202222:39
redhatcve
Fedora		[SECURITY] Fedora 28 Update: phpMyAdmin-4.8.5-1.fc28
9 Feb 201901:53
fedora
Fedora		[SECURITY] Fedora 29 Update: phpMyAdmin-4.8.5-1.fc29
9 Feb 201902:15
fedora
Rows per page
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(123416);
  script_version("1.6");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/11/22");

  script_cve_id("CVE-2019-6798", "CVE-2019-6799");
  script_bugtraq_id(106727, 106736);

  script_name(english:"phpMyAdmin 4.x < 4.8.5 Multiple Vulnerabilities (PMASA-2019-1) (PMASA-2019-2)");

  script_set_attribute(attribute:"synopsis", value:
"The remote web server hosts a PHP application that is affected by
multiple vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"According to its self-reported version number, the phpMyAdmin
application hosted on the remote web server is 4.x prior to
4.8.5. It is, therefore, affected by at least one of the following vulnerabilities:

  - A SQL injection (SQLi) vulnerability exists in phpMyAdmin due to improper validation of user-supplied input.
  An unauthenticated, remote attacker can exploit this to inject or manipulate SQL queries in the back-end database,
  resulting in the disclosure or manipulation of arbitrary data (CVE-2019-6798).

  - An arbitrary file read vulnerability exists in phpMyAdmin when the AllowArbitraryServer configuration setting is 
  set to true. An unauthenticated, remote attacker can exploit this, via a rogue MySQL server, to read arbitrary files
  and disclose sensitive information (CVE-2019-6799).

Note that Nessus has not attempted to exploit these issues but has
instead relied only on the application's self-reported version number.");
  script_set_attribute(attribute:"see_also", value:"https://www.phpmyadmin.net/security/PMASA-2019-1/");
  script_set_attribute(attribute:"see_also", value:"https://www.phpmyadmin.net/security/PMASA-2019-2/");
  script_set_attribute(attribute:"solution", value:
"Upgrade to phpMyAdmin version 4.8.5 or later.
Alternatively, apply the patches referenced in the vendor advisories.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-6798");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/22");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/01/26");
  script_set_attribute(attribute:"plugin_publication_date", value:"2019/03/27");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:phpmyadmin:phpmyadmin");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_set_attribute(attribute:"enable_cgi_scanning", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses");

  script_copyright(english:"This script is Copyright (C) 2019-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("phpMyAdmin_detect.nasl");
  script_require_keys("www/PHP", "installed_sw/phpMyAdmin");
  script_require_ports("Services/www", 80);

  exit(0);
}
include("http.inc");
include("vcf.inc");

port = get_http_port(default:80, php:TRUE);
appname = "phpMyAdmin";
app_info = vcf::get_app_info(app:appname, port:port, webapp:TRUE);

constraints = [{"min_version":"4.0", "fixed_version":"4.8.5"}];
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
27 Mar 2019 00:00Current
8.2High risk
Vulners AI Score8.2
CVSS27.5
CVSS39.8
EPSS0.70652
phpmyadminsql injectionarbitrary file readremote attackercve-2019-6798cve-2019-6799web servervulnerabilities
510
.json
Report