VULHUB ™

phpMyAdmin is prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data. The following specific issues can affect the application: It is reported that a malicious attacker can add arbitrary servers to phpMyAdmin. By constructing a URI request for the phpMyAdmin 'left.php' script an attacker may specify and add an arbitrary SQL server. A remote attacker may exploit this vulnerability to replace server configurations and as a result introduce a malicious SQL server into the phpMyAdmin controlled server list. phpMyAdmin is reported prone to a remote PHP code execution vulnerability. It is reported that a malicious database table name beginning with "'" will escape the quotes in a PHP eval() statement and will thereby permit an attacker to execute arbitrary PHP code.

phpMyAdmin is prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data. The following specific issues can affect the application: It is reported that a malicious attacker can add arbitrary servers to phpMyAdmin. By constructing a URI request for the phpMyAdmin 'left.php' script an attacker may specify and add an arbitrary SQL server. A remote attacker may exploit this vulnerability to replace server configurations and as a result introduce a malicious SQL server into the phpMyAdmin controlled server list. phpMyAdmin is reported prone to a remote PHP code execution vulnerability. It is reported that a malicious database table name beginning with "'" will escape the quotes in a PHP eval() statement and will thereby permit an attacker to execute arbitrary PHP code.