PHPMyAdmin < 2.9.2-rc2 Multiple Vulnerabilities

medium Nessus Network Monitor Plugin ID 3882

Synopsis

The remote web server contains a PHP application that is affected by multiple vulnerabilities.

Description

The remote host is running phpMyAdmin, a web interface for administering MySQL database servers. This version of phpMyAdmin is vulnerable to an HTML injection attack as well as several undisclosed vulnerabilities. The details of the flaws will be released by the vendor; however, they have released a patched version of phpMyAdmin.

Solution

Upgrade to version 2.9.2-rc2 or higher.

Plugin Details

Severity: Medium

ID: 3882

Family: CGI

Published: 1/10/2007

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 5.4

Temporal Score: 4.5

Vector: CVSS2#AV:A/AC:M/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.7

Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:phpmyadmin:phpmyadmin

Reference Information

CVE: CVE-2006-5116, CVE-2006-5117, CVE-2007-0203, CVE-2007-0204

BID: 20253, 21987

Detections

Analytics

PHPMyAdmin < 2.9.2-rc2 Multiple Vulnerabilities

medium Nessus Network Monitor Plugin ID 3882

Synopsis

Description

Solution

See Also

Plugin Details

Risk Information

VPR

CVSS v2

CVSS v3

Vulnerability Information

Reference Information