phpMyAdmin CVE-2013-5003 Multiple SQL Injection Vulnerabilities

phpMyAdmin is prone to multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input.

Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

phpMyAdmin 3.5.x prior to 3.5.8.2 and 4.0.x prior to 4.0.4.2 are vulnerable.

Note: This issue was previously covered in BID 61493 (phpMyAdmin Multiple SQL Injection and Cross Site Scripting Vulnerabilities), but has been moved to its own record for better documentation.


 

Privacy Statement
Copyright 2010, SecurityFocus