CVE-2020-11441

Опубликовано: 31 мар. 2020

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astring%0D%0A inputs to login form fields causing CRLF sequences to be reflected on an error page. NOTE: the vendor states "I don't see anything specifically exploitable.

Ссылки

https://github.com/phpmyadmin/phpmyadmin/issues/16056
Exploit
Issue Tracking
Third Party Advisory
https://github.com/phpmyadmin/phpmyadmin/issues/16056
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:phpmyadmin:phpmyadmin:5.0.2:*:*:*:*:*:*:*

EPSS

Процентиль: 85%

0.02644

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-74

Связанные уязвимости

CVE-2020-11441

CVSS3: 6.1

ubuntu

больше 5 лет назад

** DISPUTED ** phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astring%0D%0A inputs to login form fields causing CRLF sequences to be reflected on an error page. NOTE: the vendor states "I don't see anything specifically exploitable."

CVE-2020-11441

CVSS3: 6.1

debian

больше 5 лет назад

phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astrin ...

GHSA-j2jx-6pcj-jfpf

github

около 3 лет назад

phpMyAdmin 5.0.2 allows CRLF injection, as demonstrated by %0D%0Astring%0D%0A inputs to login form fields causing CRLF sequences to be reflected on an error page.

EPSS

Процентиль: 85%

0.02644

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-74