Количество 7
Количество 7
CVE-2018-12613
An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. An attacker must be authenticated, except in the "$cfg['AllowArbitraryServer'] = true" case (where an attacker can specify any host he/she is already in control of, and execute arbitrary code on phpMyAdmin) and the "$cfg['ServerDefault'] = 0" case (which bypasses the login requirement and runs the vulnerable code without any authentication).
CVE-2018-12613
An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. An attacker must be authenticated, except in the "$cfg['AllowArbitraryServer'] = true" case (where an attacker can specify any host he/she is already in control of, and execute arbitrary code on phpMyAdmin) and the "$cfg['ServerDefault'] = 0" case (which bypasses the login requirement and runs the vulnerable code without any authentication).
CVE-2018-12613
An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an ...
GHSA-x394-g9j8-x7mf
phpMyAdmin Improper Authentication
BDU:2018-01545
Уязвимость веб-приложения для администрирования cистем управления базами данных phpMyAdmin, связанная с недостатками процедуры аутентификации, позволяющая нарушителю просматривать и выполнять файлы на сервере
openSUSE-SU-2018:1809-1
Security update for phpMyAdmin
openSUSE-SU-2018:1806-1
Security update for phpMyAdmin
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2018-12613 An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. An attacker must be authenticated, except in the "$cfg['AllowArbitraryServer'] = true" case (where an attacker can specify any host he/she is already in control of, and execute arbitrary code on phpMyAdmin) and the "$cfg['ServerDefault'] = 0" case (which bypasses the login requirement and runs the vulnerable code without any authentication). | CVSS3: 8.8 | 94% Критический | около 7 лет назад |
 | CVE-2018-12613 An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. An attacker must be authenticated, except in the "$cfg['AllowArbitraryServer'] = true" case (where an attacker can specify any host he/she is already in control of, and execute arbitrary code on phpMyAdmin) and the "$cfg['ServerDefault'] = 0" case (which bypasses the login requirement and runs the vulnerable code without any authentication). | CVSS3: 8.8 | 94% Критический | около 7 лет назад |
| CVE-2018-12613 An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an ... | CVSS3: 8.8 | 94% Критический | около 7 лет назад |
| GHSA-x394-g9j8-x7mf phpMyAdmin Improper Authentication | CVSS3: 8.8 | 94% Критический | около 3 лет назад |
 | BDU:2018-01545 Уязвимость веб-приложения для администрирования cистем управления базами данных phpMyAdmin, связанная с недостатками процедуры аутентификации, позволяющая нарушителю просматривать и выполнять файлы на сервере | CVSS3: 8.8 | 94% Критический | около 7 лет назад |
 | openSUSE-SU-2018:1809-1 Security update for phpMyAdmin | около 7 лет назад | ||
| openSUSE-SU-2018:1806-1 Security update for phpMyAdmin | около 7 лет назад |
Уязвимостей на страницу