Lucene search
Veracode Vulnerability DatabaseVERACODE:6836HistoryJun 22, 2018 - 3:26 a.m.
Remote Code Execution (RCE) Through File Inclusion
2018-06-2203:26:00
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
22
0.973 High
EPSS
Percentile
99.9%
phpmyadmin is vulnerable to remote code execution (RCE) attacks. The application does not properly check page validity when they are loaded or redirected, allowing a malicious user to view and execute files on the server.
| CPE | Name | Operator | Version |
|---|---|---|---|
| phpmyadmin/phpmyadmin | le | 4.8.1 |
References
packetstormsecurity.com/files/164623/phpMyAdmin-4.8.1-Remote-Code-Execution.html
www.securityfocus.com/bid/104532
github.com/phpmyadmin/composer/commit/7662d02939fb3cf6f0d9ec32ac664401dcfe7490
security.gentoo.org/glsa/201904-16
www.exploit-db.com/exploits/44924/
www.exploit-db.com/exploits/44928/
www.exploit-db.com/exploits/45020/
www.phpmyadmin.net/security/PMASA-2018-4/
Related
openvas
openvas
phpMyAdmin File Inclusion Vulnerability (PMASA-2018-4) - Windows
2018-06-26 00:00:00
phpMyAdmin File Inclusion Vulnerability (PMASA-2018-4) - Linux
2018-06-26 00:00:00
openSUSE: Security Advisory for phpMyAdmin (openSUSE-SU-2018:1806-1)
2018-06-24 00:00:00
exploitpack
exploitpack
phpMyAdmin 4.8.1 - (Authenticated) Local File Inclusion (2)
2018-06-22 00:00:00
ubuntucve
ubuntucve
CVE-2018-12613
2018-06-21 00:00:00
attackerkb
attackerkb
CVE-2018-12613
2018-06-21 00:00:00
packetstorm
packetstorm
phpMyAdmin Authenticated Remote Code Execution
2018-07-12 00:00:00
phpMyAdmin 4.8.1 Authenticated Local File Inclusion
2018-11-27 00:00:00
phpMyAdmin 4.8.1 Code Execution / Local File Inclusion
2018-06-22 00:00:00
phpmyadmin
phpmyadmin
File inclusion and remote code execution attack
2018-06-19 00:00:00
nuclei
nuclei
PhpMyAdmin <4.8.2 - Local File Inclusion
2021-02-20 11:58:59
cvelist
cvelist
CVE-2018-12613
2018-06-21 20:00:00
zdt
zdt
phpMyAdmin Authenticated Remote Code Execution Exploit
2018-07-13 00:00:00
phpMyAdmin 4.8.1 Authenticated Local File Inclusion Vulnerability
2018-11-27 00:00:00
phpMyAdmin 4.8.1 Code Execution / Local File Inclusion Vulnerabilities
2018-06-22 00:00:00
checkpoint_advisories
checkpoint_advisories
phpMyAdmin index.php Local File Inclusion (CVE-2018-12613)
2018-10-02 00:00:00
alpinelinux
alpinelinux
CVE-2018-12613
2018-06-21 20:29:00
osv
osv
phpMyAdmin Improper Authentication
2022-05-13 01:05:22
CVE-2018-12613
2018-06-21 20:29:00
github
github
phpMyAdmin Improper Authentication
2022-05-13 01:05:22
nessus
nessus
phpMyAdmin 4.8.x < 4.8.2 Vulnerability (PMASA-2018-4)
2018-06-27 00:00:00
FreeBSD : phpmyadmin -- remote code inclusion and XSS scripting (17cb6ff3-7670-11e8-8854-6805ca0b3d42)
2018-06-25 00:00:00
openSUSE Security Update : phpMyAdmin (openSUSE-2018-669)
2018-06-25 00:00:00
nvd
nvd
CVE-2018-12613
2018-06-21 20:29:00
prion
prion
Authentication flaw
2018-06-21 20:29:00
debiancve
debiancve
CVE-2018-12613
2018-06-21 20:29:00
cve
cve
CVE-2018-12613
2018-06-21 20:29:00
dsquare
dsquare
phpMyAdmin 4.8.1 RCE
2018-07-07 00:00:00
exploitdb
exploitdb
phpMyAdmin 4.8.1 - (Authenticated) Local File Inclusion (2)
2018-06-22 00:00:00
phpMyAdmin 4.8.1 - Remote Code Execution (RCE)
2021-10-25 00:00:00
suse
suse
Security update for phpMyAdmin (important)
2018-06-23 15:10:01
Security update for phpMyAdmin (important)
2018-06-23 15:08:44
freebsd
freebsd
phpmyadmin -- remote code inclusion and XSS scripting
2018-06-21 00:00:00
gentoo
gentoo
phpMyAdmin: Multiple vulnerabilities
2019-04-15 00:00:00
mssecure
mssecure
Microsoft research uncovers new Zerobot capabilities
2022-12-21 20:00:00
mmpc
mmpc
Microsoft research uncovers new Zerobot capabilities
2022-12-21 20:00:00