- Home
- CVEs with nessus.description==The setup script included with the version of phpMyAdmin installed on the remote host does not properly sanitize user-supplied input before using it to generate a config file for the application. Submitting a specially crafted POST request can result in arbitrary PHP code injection.
A remote attacker could exploit this issue in a cross-site request forgery attack, which could be used to execute arbitrary commands on the system with the privileges of the web server.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top