exploitDog

GHSA-6442-8w69-mgwm

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

Описание

The configuration setup script (aka scripts/setup.php) in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request.

The configuration setup script (aka scripts/setup.php) in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request.

Ссылки

EPSS

Процентиль: 80%

0.01469

Низкий

CVE ID

Связанные уязвимости

CVE-2010-3055

ubuntu

почти 15 лет назад

The configuration setup script (aka scripts/setup.php) in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request.

CVE-2010-3055

nvd

почти 15 лет назад

The configuration setup script (aka scripts/setup.php) in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request.

CVE-2010-3055

debian

почти 15 лет назад

The configuration setup script (aka scripts/setup.php) in phpMyAdmin 2 ...

EPSS

Процентиль: 80%

0.01469

Низкий

CVE ID