Vulnerability   
Search   
    Search 202850 CVE descriptions
and 87302 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.51982
Category:CGI abuses
Title:phpMyAdmin Multiple Input Validation Vulnerabilities
Summary:NOSUMMARY
Description:Description:

The remote version of phpMyAdmin, according to its version
number, is vulnerable to multiple vulnerabilities that include
the ability for an attacker to add an arbitrary SQL server,
and the ability to execute arbitrary PHP code through a
maliciously constructed database table name.

Versions prior to 2.5.7-pl1 are vulnerable.

Solution: Upgrade to 2.5.7-pl1 or later.

Risk factor : High

CVSS Score:
7.5

Cross-Ref: BugTraq ID: 10629
Common Vulnerability Exposure (CVE) ID: CVE-2004-2632
http://www.securityfocus.com/bid/10629
Bugtraq: 20040628 php codes injection in phpMyAdmin version 2.5.7. (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2004-06/0444.html
Bugtraq: 20040630 Re: php codes injection in phpMyAdmin version 2.5.7. (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2004-06/0473.html
http://www.gentoo.org/security/en/glsa/glsa-200407-22.xml
http://eagle.kecapi.com/sec/fd/phpMyAdmin.html
http://www.osvdb.org/7315
http://securitytracker.com/alerts/2004/Jun/1010614.html
http://secunia.com/advisories/11974
XForce ISS Database: phpmyadmin-code-manipulation(16555)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16555
Common Vulnerability Exposure (CVE) ID: CVE-2004-2631
Bugtraq: 20041018 phpMyAdmin: Vulnerability in MIME-based transformation (Google Search)
http://marc.info/?l=bugtraq&m=109816584519779&w=2
http://www.securiteam.com/unixfocus/5QP040ADFW.html
http://www.osvdb.org/7314
http://securitytracker.com/id?1010614
XForce ISS Database: phpmyadmin-php-injection(16542)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16542
CopyrightCopyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.