Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2011-4107XML External Entity (XXE) Injection in Phpmyadmin

CWE-611XML External Entity (XXE) InjectionCWE-200Sensitive Information Exposure10 documents7 sources
Severity
6.5MEDIUMNVD
EPSS
12.4%
top 6.07%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
4
PhpmyadminDebian PhpmyadminDebian Linux+1 more
Timeline
PublishedNov 17
Latest updateMay 17

Description

The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages4 packages

debiandebian/phpmyadmin< phpmyadmin 4:3.4.7.1-1 (bookworm)
NVDphpmyadmin/phpmyadmin3.3.0.03.3.10.5+1
Packagistphpmyadmin/phpmyadmin3.4.03.4.7.1+1
Debianphpmyadmin/phpmyadmin< 4:3.4.7.1-1+3

Also affects: Debian Linux 5.0, Fedora 14, 15, 16

Patches

Patch: www.phpmyadmin.netPatch: www.phpmyadmin.net

🔴Vulnerability Details

3
GHSA
phpMyAdmin vulnerable to XML external entity (XXE) injection attack2022-05-17
OSV
phpMyAdmin vulnerable to XML external entity (XXE) injection attack2022-05-17
OSV
CVE-2011-4107: The simplexml_load_string function in the XML import plug-in (libraries/import/xml2011-11-17

💥Exploits & PoCs

3
Exploit-DB
phpMyAdmin 3.3.x/3.4.x - Local File Inclusion via XML External Entity Injection (Metasploit)2012-01-14
Exploit-DB
HP JetDirect PJL - Interface Universal Directory Traversal (Metasploit)2011-08-07
Exploit-DB
HP JetDirect PJL - Query Execution (Metasploit)2011-08-07

📋Vendor Advisories

1
Debian
CVE-2011-4107: phpmyadmin - The simplexml_load_string function in the XML import plug-in (libraries/import/x...2011

📐Framework References

1
CWE
Improper Restriction of XML External Entity Reference

💬Community

1
Bugzilla
CVE-2011-4107 phpMyAdmin: Arbitrary file read flaw by loading XML strings2011-11-03