Description

PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially sensitive information by creating invalid requests. This affects the lang parameter, the pma_parameter, and the cookie section.

Remediation

References

CVE-2022-0813

Related Vulnerabilities

MySQL CVE-2018-2769 Vulnerability (CVE-2018-2769)

MySQL CVE-2018-3187 Vulnerability (CVE-2018-3187)

WordPress Plugin Duo Two-Factor Authentication Security Bypass (1.8.1)

WordPress Plugin Comment and Review Spam Control for WooCommerce Security Bypass (1.4.2)

WordPress Plugin Xerte Online 'save.php' Arbitrary File Upload (0.32)

Severity

High

Classification

CVE-2022-0813 CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities