CVE-2009-1151

high

Details

Source: MITRE

Published: 2009-03-26

Updated: 2018-10-10

Type: CWE-94

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:beta1:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.0:rc1:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1:rc1:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.0:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.1:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.1.2:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.0:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.1:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.2.2:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.3:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.3:rc1:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.3.0:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.4:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.4:rc1:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5:rc1:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.0:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.1:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.5.2:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.6:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.6:rc1:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.6.0:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.7:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.7.0:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.8:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.0:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.1:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.2:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.3:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:2.11.9.4:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.0:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.1:rc1:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:*:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.2:rc1:*:*:*:*:*:*

cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:* versions up to 3.1.3 (inclusive)

cpe:2.3:a:phpmyadmin:phpmyadmin:3.1.3:rc1:*:*:*:*:*:*

Tenable Plugins

View all (7 total)

IDNameProductFamilySeverity
700609phpMyAdmin 2.11.x < 2.11.9.5 / 3.x < 3.1.3.1 RCE (PMASA-2009-3)Nessus Network MonitorCGI
high
40108openSUSE Security Update : phpMyAdmin (phpMyAdmin-711)NessusSuSE Local Security Checks
high
39570GLSA-200906-03 : phpMyAdmin: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
39569Debian DSA-1824-1 : phpmyadmin - several vulnerabilitiesNessusDebian Local Security Checks
high
36170phpMyAdmin setup.php save Action Arbitrary PHP Code Injection (PMASA-2009-3)NessusCGI abuses
high
36081openSUSE 10 Security Update : phpMyAdmin (phpMyAdmin-6133)NessusSuSE Local Security Checks
high
36012FreeBSD : phpmyadmin -- insufficient output sanitizing when generating configuration file (06f9174f-190f-11de-b2f0-001c2514716c)NessusFreeBSD Local Security Checks
high