CVE-2005-4079 — Phpmyadmin vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

1.6%

top 18.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Phpmyadmin Debian Phpmyadmin

Timeline

PublishedDec 8

Latest updateMay 1

Description

The register_globals emulation in phpMyAdmin 2.7.0 rc1 allows remote attackers to exploit other vulnerabilities in phpMyAdmin by modifying the import_blacklist variable in grab_globals.php, which can then be used to overwrite other variables.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶debiandebian/phpmyadmin

▶NVDphpmyadmin/phpmyadmin2.7.0_rc1

🔴Vulnerability Details

GHSA

GHSA-r2cc-3v4v-j29x: The register_globals emulation in phpMyAdmin 2↗2022-05-01

▶

📋Vendor Advisories

Debian

CVE-2005-4079: phpmyadmin - The register_globals emulation in phpMyAdmin 2.7.0 rc1 allows remote attackers t...↗2005

▶