Description

PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially sensitive information by creating invalid requests. This affects the lang parameter, the pma_parameter, and the cookie section.

Remediation

References

CVE-2022-0813

Related Vulnerabilities

Atlassian Jira Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-16862)

MySQL CVE-2021-2196 Vulnerability (CVE-2021-2196)

Oracle Application Server CVE-2007-5524 Vulnerability (CVE-2007-5524)

WordPress Plugin A. Gallery TimThumb Arbitrary File Upload (0.9rev378511)

WordPress Plugin Ultimate Membership Pro Security Bypass (8.6)

Severity

High

Classification

CVE-2022-0813 CWE-200 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities