CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
98.9%
phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an
unspecified time frame in 2012, contains an externally introduced
modification (Trojan Horse) in server_sync.php, which allows remote
attackers to execute arbitrary PHP code via an eval injection attack.
Author | Note |
---|---|
seth-arnold | Only a specific version was trojaned; we don’t ship that version |