Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:12 a.m.14 views

CVE-2013-4729

import.php in phpMyAdmin 4.x before 4.0.4.1 does not properly restrict the ability of input data to specify a file format, which allows remote authenticated users to modify the GLOBALS superglobal array, and consequently change the configuration, via a crafted request...

5.5CVSS6.3AI score0.01055EPSS
Exploits2References1
seebug.org
seebug.org
added 2013/07/10 12:0 a.m.52 views

phpMyAdmin <= 4.0.4.1 import.php GLOBALS变量注入漏洞

CVECAN ID: CVE-2013-4729 phpmyadmin是MySQL数据库的在线管理工具,主要功能包括在线创建数据表、运行SQL语句、搜索查询数据以及导入导出数据等。 phpMyAdmin 4.0.4.1之前版本内的import.php没有正确限制文件格式定义数据输入权限,可使经过身份验证的远程用户修改GLOBALS超级全局数组,然后通过特制的请求更改配置。 0 phpMyAdmin = 4.0.4.1 厂商补丁: phpMyAdmin ---------- phpMyAdmin已经为此发布了一个安全公告(PMASA-2013-7)以及相应补丁:...

5.5CVSS6.4AI score0.01055EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2013/07/10 12:0 a.m.23 views

phpMyAdmin 4.x < 4.0.4.1 import.php GLOBALS Variable Injection Configuration Parameter Manipulation (PMASA-2013-7)

According to its self-identified version number, the phpMyAdmin 4.x install hosted on the remote web server is earlier than 4.0.4.1 and, therefore, contains a flaw where the 'import.php' script does not properly sanitize input. This could allow attackers to inject arbitrary GLOBALS variables and...

5.5CVSS8.4AI score0.01055EPSS
Exploits2References2
OSV
OSV
added 2013/07/04 2:33 p.m.8 views

CVE-2013-4729

import.php in phpMyAdmin 4.x before 4.0.4.1 does not properly restrict the ability of input data to specify a file format, which allows remote authenticated users to modify the GLOBALS superglobal array, and consequently change the configuration, via a crafted request...

5.9AI score
Exploits0References3
CVE
CVE
added 2013/07/04 10:0 a.m.62 views

CVE-2013-4729

CVE-2013-4729 affects phpMyAdmin 4.x before 4.0.4.1. The import.php script does not properly restrict input data, allowing remote authenticated users to modify the GLOBALS superglobal and thereby change configuration via a crafted request. The NVD entry assigns CVSSv2 5.5 (AV:N/AC:L/Au:S/C:N/I:P/...

5.5CVSS6AI score0.01055EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder