PT-2004-3522 · Php · Phpmyadmin
Published
2004-12-31
·
Updated
2017-07-20
·
CVE-2004-2632
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
phpMyAdmin versions 2.5.1 through 2.5.7
Description
The issue allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers. This is achieved by modifying the
cfg['Servers'] variables.Recommendations
For phpMyAdmin versions 2.5.1 through 2.5.7, consider restricting access to the configuration settings to prevent modification of the
cfg['Servers'] variables until a patch is available.Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Phpmyadmin