phpmyadmin
Page content
- Author: Miklos Vajna
- Vulnerable: 3.1.3.1-1anacreon1
- Unaffected: 3.1.3.2-1anacreon1
A vulnerability has been reported in phpMyAdmin, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the setup script not properly sanitising configuration parameters. This can be exploited to inject arbitrary PHP code into the phpMyAdmin configuration file. This is related to vulnerability #2 in: FSA591 NOTE: Successful exploitation requires that installation best-practices have not been followed and the setup scripts have not been deleted after a successful installation.
- Bug Tracker URL: http://bugs.frugalware.org/task/3742