Description

Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files.

Remediation

References

CVE-2009-1285

Related Vulnerabilities

WordPress Plugin eShop Multiple Vulnerabilities (6.3.13)

Python Integer Overflow or Wraparound Vulnerability (CVE-2008-3143)

WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.2)

PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-8994)

WordPress Plugin YITH WooCommerce Zoom Magnifier Security Bypass (1.3.11)

Severity

High

Classification

CVE-2009-1285 CWE-94

Tags

Missing Update Known Vulnerabilities