Описание
SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter.
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- Patch
- PatchVendor Advisory
- Vendor Advisory
- Patch
Уязвимые конфигурации
Конфигурация 1Версия до 2.11.2 (включая)
cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
EPSS
Процентиль: 78%
0.01173
Низкий
6.5 Medium
CVSS2
Дефекты
CWE-89
Связанные уязвимости
ubuntu
около 18 лет назад
SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter.
debian
около 18 лет назад
SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11 ...
github
больше 3 лет назад
SQL injection vulnerability in db_create.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter.
EPSS
Процентиль: 78%
0.01173
Низкий
6.5 Medium
CVSS2
Дефекты
CWE-89