icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

phpMyAdmin < 2.7.0-pl1 Global Variable Overwrite

Medium

Synopsis

The remote host is vulnerable to a flaw where attackers can overwrite critical variables.

Description

The remote host is running phpMyAdmin, a web interface for administering MySQL database servers. This version of phpMyAdmin is vulnerable to a flaw that allows remote attackers to overwrite global variables. An attacker exploiting this flaw would only need to be able to send an HTTP query to the web server. Successful exploitation would result in critical variables being overwritten. This can lead to a partial loss of data integrity.

Solution

Upgrade to version 2.7.0-pl1 or later.