Описание
Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 4:2.8.0.3-1ubuntu0.2 |
| devel | not-affected | code not present |
| gutsy | ignored | end of life, was needed |
| hardy | released | 4:2.11.3-1ubuntu1.2 |
| intrepid | released | 4:2.11.8.1-1ubuntu0.1 |
| jaunty | not-affected | code not present |
| karmic | not-affected | code not present |
| upstream | needs-triage |
Показывать по
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.
Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x ...
Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.
Уязвимость файла setup.php веб-приложения для администрирования систем управления базами данных phpMyAdmin, позволяющая нарушителю выполнить произвольный PHP-код
7.5 High
CVSS2
9.8 Critical
CVSS3