PhpMyAdmin 'server_sync.php' Backdoor Vulnerability Network Vulnerability

Summary

phpMyAdmin is prone to a backdoor vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the application. Successful attacks will compromise the affected application. phpMyAdmin 3.5.2.2 is vulnerable other versions may also be affected.

Solution

The vendor released an update. Please see the references for details.

References

http://www.phpmyadmin.net/
http://www.phpmyadmin.net/home_page/security/PMASA-2012-5.php
http://www.securityfocus.com/bid/55672

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-5159

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Avenger's News System Command Execution
'research_display.php' SQL Injection Vulnerability
ASAS Server End User Self Service (EUSS) SQL Injection Vulnerability
Atlassian JIRA FishEye and Crucible Plugins XML Parsing Unspecified Security Vulnerability
A-Blog 'sources/search.php' SQL Injection Vulnerability

phpMyAdmin 'server_sync.php' Backdoor Vulnerability

Take action and discover your vulnerabilities