phpMyAdmin < 2.7.0-pl1 Global Variable Overwrite
Medium Nessus Network Monitor Plugin ID 3319
SynopsisThe remote host is vulnerable to a flaw where attackers can overwrite critical variables.
DescriptionThe remote host is running phpMyAdmin, a web interface for administering MySQL database servers. This version of phpMyAdmin is vulnerable to a flaw that allows remote attackers to overwrite global variables. An attacker exploiting this flaw would only need to be able to send an HTTP query to the web server. Successful exploitation would result in critical variables being overwritten. This can lead to a partial loss of data integrity.
SolutionUpgrade to version 2.7.0-pl1 or later.