CVE-2008-4096 in phpMyAdmininfo

Summary

libraries/database_interface.lib.php in phpMyAdmin before 2.11.9.1 allows remote authenticated users to execute arbitrary code via a request to server_databases.php with a sort_by parameter containing PHP sequences, which are processed by create_function.

Reservation

09/15/2008

Disclosure

09/18/2008

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
3835	phpMyAdmin input validation	20	Proof-of-Concept	Official fix	CVE-2008-4096
3823	phpMyAdmin server_databases.php input validation	20	Proof-of-Concept	Official fix	CVE-2008-4096

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Do you need the next level of professionalism?

Upgrade your account now!