CVE-2011-1941 — Improper Input Validation in Phpmyadmin

CWE-20 — Improper Input Validation CWE-601 — Open Redirect5 documents4 sources

Severity

4.3MEDIUMNVD

EPSS

0.3%

top 51.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Phpmyadmin Debian Phpmyadmin

Timeline

PublishedJan 26

Latest updateMay 17

Description

Open redirect vulnerability in the redirector feature in phpMyAdmin 3.4.x before 3.4.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages4 packages

▶debiandebian/phpmyadmin< phpmyadmin 4:3.4.1-1 (bookworm)

▶Packagistphpmyadmin/phpmyadmin3.4.0 — 3.4.1

▶Debianphpmyadmin/phpmyadmin< 4:3.4.1-1+3

▶NVDphpmyadmin/phpmyadmin3.4.0.0

🔴Vulnerability Details

OSV

phpMyAdmin Open Redirect in redirector↗2022-05-17

▶

GHSA

phpMyAdmin Open Redirect in redirector↗2022-05-17

▶

OSV

CVE-2011-1941: Open redirect vulnerability in the redirector feature in phpMyAdmin 3↗2012-01-26

▶

📋Vendor Advisories

Debian

CVE-2011-1941: phpmyadmin - Open redirect vulnerability in the redirector feature in phpMyAdmin 3.4.x before...↗2011

▶