Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2013-3241Phpmyadmin vulnerability

4 documents4 sources
Severity
4.0MEDIUMNVD
EPSS
3.4%
top 12.62%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
PhpmyadminDebian Phpmyadmin
Timeline
PublishedApr 26
Latest updateMay 17

Description

export.php (aka the export script) in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages2 packages

🔴Vulnerability Details

1
GHSA
GHSA-q7pr-6mgq-3m32: export2022-05-17

💥Exploits & PoCs

1
Exploit-DB
phpMyAdmin 3.5.8/4.0.0-RC2 - Multiple Vulnerabilities2013-04-25

📋Vendor Advisories

1
Debian
CVE-2013-3241: phpmyadmin - export.php (aka the export script) in phpMyAdmin 4.x before 4.0.0-rc3 overwrites...2013