Lucene search

K

Veracode Vulnerability DatabaseVERACODE:22765

HistoryMar 23, 2020 - 8:14 a.m.

SQL Injection

2020-03-2308:14:20

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

17

EPSS

0.001

Percentile

44.5%

phpmyadmin/phpmyadmin is vulnerable to SQL injection. A remote attacker is able to inject and execute arbitrary SQL statements to insert malicious values containing Javascript into the database. When displayed in a user’s browser, the Javascript executes in the context of the user.

References

lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html

lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html

lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html

lists.debian.org/debian-lts-announce/2020/03/msg00028.html

lists.fedoraproject.org/archives/list/[email protected]/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/

lists.fedoraproject.org/archives/list/[email protected]/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/

lists.fedoraproject.org/archives/list/[email protected]/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/

www.phpmyadmin.net/security/PMASA-2020-4/

EPSS

0.001

Percentile

44.5%

Related for VERACODE:22765

osv6 alpinelinux1 friendsofphp1 cvelist1 github1 nvd1 cve1 ubuntucve1 debiancve1 prion1 phpmyadmin1 debian1 nessus7 openvas10 fedora3 suse3 mageia1 typo31 ubuntu1