Summary
phpMyAdmin is prone to a remote PHP code-injection vulnerability.
An attacker can exploit this issue to inject and execute arbitrary PHP code in the context of the webserver process. This may facilitate a compromise of the application and the underlying computer other
attacks are also possible.
Versions prior to phpMyAdmin 2.11.10.1 are affected.
Solution
Vendor updates are available. Please see the references for more information.
References
Severity
Classification
-
CVE CVE-2010-3055 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- 68designs 68kb Multiple Remote File Include Vulnerabilities
- Awstats Configuration File Remote Arbitrary Command Execution Vulnerability
- Apple Safari PDF Javascript Security Bypass Bypass Vulnerability
- AlienVault OSSIM SQL Injection and Remote Code Execution Vulnerabilities
- appRain CMF SQL Injection And Cross Site Scripting Vulnerabilities