Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2013-3238
HistoryApr 26, 2013 - 3:34 a.m.

CVE-2013-3238

2013-04-2603:34:23
[email protected]
web.nvd.nist.gov
5

CVSS2

6

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

AI Score

6.5

Confidence

High

EPSS

0.973

Percentile

99.9%

JSON

phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute arbitrary code via a /e\x00 sequence, which is not properly handled before making a preg_replace function call within the β€œReplace table prefix” feature.

Affected configurations

Nvd
Node
phpmyadminphpmyadminMatch3.5.0.0
OR
phpmyadminphpmyadminMatch3.5.1.0
OR
phpmyadminphpmyadminMatch3.5.2.0
OR
phpmyadminphpmyadminMatch3.5.2.1
OR
phpmyadminphpmyadminMatch3.5.2.2
OR
phpmyadminphpmyadminMatch3.5.3.0
OR
phpmyadminphpmyadminMatch3.5.4
OR
phpmyadminphpmyadminMatch3.5.5
OR
phpmyadminphpmyadminMatch3.5.6
OR
phpmyadminphpmyadminMatch3.5.7
OR
phpmyadminphpmyadminMatch3.5.7rc1
OR
phpmyadminphpmyadminMatch3.5.8rc1
OR
phpmyadminphpmyadminMatch4.0.0rc2
VendorProductVersionCPE
phpmyadminphpmyadmin3.5.0.0cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.0.0:*:*:*:*:*:*:*
phpmyadminphpmyadmin3.5.1.0cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.1.0:*:*:*:*:*:*:*
phpmyadminphpmyadmin3.5.2.0cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.0:*:*:*:*:*:*:*
phpmyadminphpmyadmin3.5.2.1cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.1:*:*:*:*:*:*:*
phpmyadminphpmyadmin3.5.2.2cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.2.2:*:*:*:*:*:*:*
phpmyadminphpmyadmin3.5.3.0cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.3.0:*:*:*:*:*:*:*
phpmyadminphpmyadmin3.5.4cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.4:*:*:*:*:*:*:*
phpmyadminphpmyadmin3.5.5cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.5:*:*:*:*:*:*:*
phpmyadminphpmyadmin3.5.6cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.6:*:*:*:*:*:*:*
phpmyadminphpmyadmin3.5.7cpe:2.3:a:phpmyadmin:phpmyadmin:3.5.7:*:*:*:*:*:*:*
Rows per page:
1-10 of 131

Related

phpmyadmin 1
debiancve 1
metasploit 1
saint 4
zdt 2
exploitdb 2
checkpoint_advisories 2
ubuntucve 1
prion 1
packetstorm 2
seebug 2
cvelist 1
cve 1
fedora 3
openvas 7
nessus 9
securityvulns 3
freebsd 1
exploitpack 1
gentoo 1
phpmyadmin
phpmyadmin
Remote code execution via preg_replace().
2013-04-24 00:00:00
debiancve
debiancve
CVE-2013-3238
2013-04-26 03:34:23
metasploit
metasploit
phpMyAdmin Authenticated Remote Code Execution via preg_replace()
2013-04-26 14:42:26
saint
saint
phpMyAdmin preg_replace from_prefix sanitization vulnerability
2013-05-20 00:00:00
phpMyAdmin preg_replace from_prefix sanitization vulnerability
2013-05-20 00:00:00
phpMyAdmin preg_replace from_prefix sanitization vulnerability
2013-05-20 00:00:00
zdt
zdt
phpMyAdmin Authenticated Remote Code Execution Vulnerability
2013-04-30 00:00:00
phpMyAdmin 3.5.8 and 4.0.0-RC2 - Multiple Vulnerabilities
2013-04-26 00:00:00
exploitdb
exploitdb
phpMyAdmin - 'preg_replace' (Authenticated) Remote Code Execution (Metasploit)
2013-05-01 00:00:00
phpMyAdmin 3.5.8/4.0.0-RC2 - Multiple Vulnerabilities
2013-04-25 00:00:00
checkpoint_advisories
checkpoint_advisories
PhpMyAdmin preg_replace Function Code Injection - Ver2 (CVE-2013-3238)
2015-05-18 00:00:00
PhpMyAdmin preg_replace Function Code Injection (CVE-2013-3238)
2013-05-22 00:00:00
ubuntucve
ubuntucve
CVE-2013-3238
2013-04-26 00:00:00
prion
prion
Design/Logic Flaw
2013-04-26 03:34:00
packetstorm
packetstorm
phpMyAdmin Authenticated Remote Code Execution
2013-04-29 00:00:00
phpMyAdmin 3.5.8 / 4.0.0-RC2 Code Execution / LFI / Overwrite
2013-04-25 00:00:00
seebug
seebug
phpMyAdmin preg_replace()θΏœη¨‹PHPδ»£η ζ‰§θ‘Œ
2013-04-28 00:00:00
phpMyAdmin 3.5.8 and 4.0.0-RC2 - Multiple Vulnerabilities
2014-07-01 00:00:00
cvelist
cvelist
CVE-2013-3238
2013-04-26 01:00:00
cve
cve
CVE-2013-3238
2013-04-26 03:34:23
fedora
fedora
[SECURITY] Fedora 19 Update: phpMyAdmin-3.5.8.1-1.fc19
2013-05-09 18:59:18
[SECURITY] Fedora 18 Update: phpMyAdmin-3.5.8.1-1.fc18
2013-05-09 10:10:52
[SECURITY] Fedora 17 Update: phpMyAdmin-3.5.8.1-1.fc17
2013-05-09 09:58:00
openvas
openvas
Fedora Update for phpMyAdmin FEDORA-2013-7000
2013-05-13 00:00:00
Fedora Update for phpMyAdmin FEDORA-2013-7000
2013-05-13 00:00:00
phpMyAdmin Multiple Security Vulnerabilities (Apr 2013) - Linux
2017-08-16 00:00:00
nessus
nessus
Fedora 19 : phpMyAdmin-3.5.8.1-1.fc19 (2013-6928)
2013-05-10 00:00:00
FreeBSD : phpMyAdmin -- Multiple security vulnerabilities (8c8fa44d-ad15-11e2-8cea-6805ca0b3d42)
2013-04-25 00:00:00
Fedora 18 : phpMyAdmin-3.5.8.1-1.fc18 (2013-6977)
2013-05-10 00:00:00
securityvulns
securityvulns
[ MDVSA-2013:160 ] phpmyadmin
2013-05-06 00:00:00
[waraxe-2013-SA#103] - Multiple Vulnerabilities in phpMyAdmin
2013-05-06 00:00:00
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2013-05-06 00:00:00
freebsd
freebsd
phpMyAdmin -- Multiple security vulnerabilities
2013-04-24 00:00:00
exploitpack
exploitpack
phpMyAdmin 3.5.84.0.0-RC2 - Multiple Vulnerabilities
2013-04-25 00:00:00
gentoo
gentoo
phpMyAdmin: Multiple vulnerabilities
2013-11-04 00:00:00

CVSS2

6

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:P/I:P/A:P

AI Score

6.5

Confidence

High

EPSS

0.973

Percentile

99.9%

JSON
Related for NVD:CVE-2013-3238
phpmyadmin1debiancve1metasploit1saint4zdt2exploitdb2checkpoint_advisories2ubuntucve1prion1packetstorm2seebug2cvelist1cve1fedora3openvas7nessus9securityvulns3freebsd1exploitpack1gentoo1