Summary
According to its version number, the remote version of phpMyAdmin is prone to a remote PHP code-injection vulnerability.
An attacker can exploit this issue to inject and execute arbitrary malicious PHP code in the context of the webserver process. This may facilitate a compromise of the application and the underlying system
other attacks are also possible.
phpMyAdmin 3.x versions prior to 3.1.3.2 are vulnerable.
Solution
Vendor updates are available. Please see http://www.phpmyadmin.net for more Information.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2009-1285 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities