PT-2010-5491 · Phpmyadmin · Phpmyadmin
Jörg Sommer
·
Published
2010-12-17
·
Updated
2022-05-17
·
CVE-2010-4481
CVSS v4.0
8.0
High
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U |
Name of the Vulnerable Software and Affected Versions
phpMyAdmin versions prior to 3.4.0-beta1
Description
The issue allows remote attackers to bypass authentication and obtain sensitive information by making a direct request to "phpinfo.php", which calls the
phpinfo() function.Recommendations
For versions prior to 3.4.0-beta1, update to version 3.4.0-beta1 or later to resolve the issue.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Phpmyadmin