phpMyAdmin 2.x < 184.108.40.206 / 3.x < 220.127.116.11 SQLi (PMASA-2011-2)
Medium Nessus Network Monitor Plugin ID 5797
SynopsisThe remote web server contains a PHP application that is vulnerable to a SQL-injection attack.
DescriptionVersions of phpMyAdmin earlier than 18.104.22.168 / 22.214.171.124 are potentially affected by a SQL-injection vulnerability, because the application makes it possible to create a bookmark which would be executed unintentionally by other users.
SolutionUpgrade to phpMyAdmin 126.96.36.199, 188.8.131.52, or later.