Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2013-3239 — Code Injection in Phpmyadmin

CWE-94 — Code Injection10 documents6 sources

Severity

4.6MEDIUMNVD

EPSS

12.3%

top 6.10%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Phpmyadmin Debian Phpmyadmin

Timeline

PublishedApr 26

Latest updateMay 17

Description

phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable file by the Apache HTTP Server, as demonstrated by a .php.sql filename.

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages4 packages

▶debiandebian/phpmyadmin< phpmyadmin 4:3.4.11.1-2 (bookworm)

▶Packagistphpmyadmin/phpmyadmin3.5.0 — 3.5.8.1

▶Debianphpmyadmin/phpmyadmin< 4:3.4.11.1-2+3

▶NVDphpmyadmin/phpmyadmin12 versions+11

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

phpMyAdmin Remote Code Execution↗2022-05-17

▶

OSV

phpMyAdmin Remote Code Execution↗2022-05-17

▶

OSV

CVE-2013-3239: phpMyAdmin 3↗2013-04-26

▶

💥Exploits & PoCs

Exploit-DB

phpMyAdmin 3.5.8/4.0.0-RC2 - Multiple Vulnerabilities↗2013-04-25

▶

📋Vendor Advisories

Debian

CVE-2013-3239: phpmyadmin - phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory...↗2013

▶

💬Community

Bugzilla

CVE-2013-3238 CVE-2013-3239 phpMyAdmin3 various flaws [epel-5]↗2013-04-24

▶

Bugzilla

CVE-2013-3238 CVE-2013-3239 phpMyAdmin various flaws [epel-6]↗2013-04-24

▶

Bugzilla

CVE-2013-3238 CVE-2013-3239 phpMyAdmin various flaws [fedora-all]↗2013-04-24

▶

Bugzilla

CVE-2013-3239 phpMyAdmin: remote code execution via locally saved SQL dump file multiple extensions (PMASA-2013-3)↗2013-04-24

▶