cbcvebase.
CVE-2013-3239
published 2013-04-26

Priority: P339, medium, 4.6 (CVSS 2.0)
Vector: AV:N/AC:H/Au:S/C:P/I:P/A:P
EXPLOIT
EPSS: 8.75% (94.5th percentile)

phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable file by the Apache HTTP Server, as demonstrated by a .php.sql filename.

Affected

18 ranges
| Vendor | Product | Version range | Fixed in |
| --- | --- | --- | --- |
| debian | phpmyadmin | < phpmyadmin 4:3.4.11.1-2 (bookworm) | phpmyadmin 4:3.4.11.1-2 (bookworm) |
| phpmyadmin | phpmyadmin | | |
| phpmyadmin | phpmyadmin | | |
| phpmyadmin | phpmyadmin | | |
| phpmyadmin | phpmyadmin | | |
| phpmyadmin | phpmyadmin | | |
| phpmyadmin | phpmyadmin | | |
| phpmyadmin | phpmyadmin | | |
| phpmyadmin | phpmyadmin | | |
| phpmyadmin | phpmyadmin | | |
| phpmyadmin | phpmyadmin | | |
| phpmyadmin | phpmyadmin | | |
| phpmyadmin | phpmyadmin | | |
| phpmyadmin | phpmyadmin | >= 0 < 4:3.4.11.1-2 | 4:3.4.11.1-2 |
| phpmyadmin | phpmyadmin | >= 0 < 4:3.4.11.1-2 | 4:3.4.11.1-2 |
| phpmyadmin | phpmyadmin | >= 0 < 4:3.4.11.1-2 | 4:3.4.11.1-2 |
| phpmyadmin | phpmyadmin | >= 0 < 4:3.4.11.1-2 | 4:3.4.11.1-2 |
| phpmyadmin | phpmyadmin | >= 3.5.0 < 3.5.8.1 | 3.5.8.1 |

CVSS provenance

nvd: v2.0, 4.6 MEDIUM, AV:N/AC:H/Au:S/C:P/I:P/A:P
osv: 4.6 MEDIUM
vendor_debian: 4.6 MEDIUM