Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

phpMyAdmin 2.x < 2.11.11.3 / 3.x < 3.3.9.2 SQLi (PMASA-2011-2)

Medium

Synopsis

The remote web server contains a PHP application that is vulnerable to a SQL-injection attack.

Description

Versions of phpMyAdmin earlier than 2.11.11.3 / 3.3.9.2 are potentially affected by a SQL-injection vulnerability, because the application makes it possible to create a bookmark which would be executed unintentionally by other users.

Solution

Upgrade to phpMyAdmin 2.11.11.3, 3.3.9.2, or later.