Lucene search

GitHub Advisory DatabaseGHSA-WJ42-52PV-WFJ2

HistoryMay 01, 2022 - 2:19 a.m.

phpMyAdmin CRLF Injection Vulnerability

2022-05-0102:19:36

GitHub Advisory Database

github.com

phpmyadmin

crlf injection

vulnerability

http response splitting

attacks

remote

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

EPSS

0.015

Percentile

87.1%

JSON

CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts.

Affected configurations

Vulners

Node

phpmyadminphpmyadminRange<2.6.4-pl4

References

github.com/advisories/GHSA-wj42-52pv-wfj2

nvd.nist.gov/vuln/detail/CVE-2005-3621

web.archive.org/web/20060514052317/securitytracker.com/alerts/2005/Nov/1015213.html

web.archive.org/web/20061015000000*/www.novell.com/linux/security/advisories/2005_28_sr.html

www.debian.org/security/2006/dsa-1207

www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-6

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

EPSS

0.015

Percentile

87.1%

JSON

Related for GHSA-WJ42-52PV-WFJ2