phpMyAdmin SQL Injection Vulnerability (CNVD-2021-45289)

phpMyAdmin is a PHP-based database management tool for MySQL on Web-Base, allowing administrators to manage MySQL databases with a Web interface. A SQL injection vulnerability exists in the Designer feature of phpMyAdmin before 4.8.5. The vulnerability can be exploited by an attacker with a...

phpMyAdmin Arbitrary File Read Vulnerability

phpMyAdmin is a PHP-based database management tool for MySQL on Web-Base, allowing administrators to manage MySQL databases with a Web interface. An arbitrary file read vulnerability exists in phpMyAdmin before 4.8.5. When the AllowArbitraryServer configuration is set to true, an attacker can...

phpMyAdmin 4.5.0 <= 4.8.4 SQL Injection Vulnerability (PMASA-2019-2) - Linux

phpMyAdmin is prone to an SQL injection vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

phpMyAdmin 4.0 <= 4.8.4 Arbitrary File Read Vulnerability (PMASA-2019-1) - Linux

phpMyAdmin is prone to an arbitrary file read vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

phpMyAdmin 4.0 <= 4.8.4 Arbitrary File Read Vulnerability (PMASA-2019-1) - Windows

phpMyAdmin is prone to an arbitrary file read vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

phpMyAdmin 4.5.0 <= 4.8.4 SQL Injection Vulnerability (PMASA-2019-2) - Windows

phpMyAdmin is prone to an SQL injection vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD : phpMyAdmin -- File disclosure and SQL injection (111aefca-2213-11e9-9c8d-6805ca0b3d42)

The phpMyAdmin development team reports : Summary Arbitrary file read vulnerability Description When AllowArbitraryServer configuration set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. phpMyadmin attempts to bloc...

Sql injection

An issue was discovered in phpMyAdmin before 4.8.5. A vulnerability was reported where a specially crafted username can be used to trigger a SQL injection attack through the designer feature...

Code injection

An issue was discovered in phpMyAdmin before 4.8.5. When the AllowArbitraryServer configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. This is related to the mysql.allowlocalinfile PHP...

CVE-2019-6799

An issue was discovered in phpMyAdmin before 4.8.5. When the AllowArbitraryServer configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. This is related to the mysql.allowlocalinfile PHP...

CVE-2019-6798

An issue was discovered in phpMyAdmin before 4.8.5. A vulnerability was reported where a specially crafted username can be used to trigger a SQL injection attack through the designer feature...

CVE-2019-6798

An issue was discovered in phpMyAdmin before 4.8.5. A vulnerability was reported where a specially crafted username can be used to trigger a SQL injection attack through the designer feature...

UBUNTU-CVE-2019-6798

An issue was discovered in phpMyAdmin before 4.8.5. A vulnerability was reported where a specially crafted username can be used to trigger a SQL injection attack through the designer feature...

CVE-2019-6798

An issue was discovered in phpMyAdmin before 4.8.5. A vulnerability was reported where a specially crafted username can be used to trigger a SQL injection attack through the designer feature...

CVE-2019-6799

An issue was discovered in phpMyAdmin before 4.8.5. When the AllowArbitraryServer configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. This is related to the mysql.allowlocalinfile PHP...

CVE-2019-6799

An issue was discovered in phpMyAdmin before 4.8.5. When the AllowArbitraryServer configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. This is related to the mysql.allowlocalinfile PHP...

DEBIAN-CVE-2019-6799

An issue was discovered in phpMyAdmin before 4.8.5. When the AllowArbitraryServer configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. This is related to the mysql.allowlocalinfile PHP...

UBUNTU-CVE-2019-6799

An issue was discovered in phpMyAdmin before 4.8.5. When the AllowArbitraryServer configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. This is related to the mysql.allowlocalinfile PHP...

DEBIAN-CVE-2019-6798

An issue was discovered in phpMyAdmin before 4.8.5. A vulnerability was reported where a specially crafted username can be used to trigger a SQL injection attack through the designer feature...

CVE-2019-6799

Summary of CVE-2019-6799 (phpMyAdmin) Affected: phpMyAdmin before 4.8.5. The issue arises when the AllowArbitraryServer setting is true and a rogue MySQL server is used. The vulnerability allows an attacker to read arbitrary files on the server that the web server user can access. It is related t...