Описание
SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter.
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- Patch
- PatchVendor Advisory
- Vendor Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1Версия до 2.11.2 (включая)
cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
EPSS
Процентиль: 77%
0.01052
Низкий
6.5 Medium
CVSS2
Дефекты
CWE-89
Связанные уязвимости
ubuntu
больше 17 лет назад
SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter.
debian
больше 17 лет назад
SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11 ...
github
больше 3 лет назад
SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter.
EPSS
Процентиль: 77%
0.01052
Низкий
6.5 Medium
CVSS2
Дефекты
CWE-89