Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
phpMyAdmin Improper Control of Generation of Code (Code Injection) Vulnerability - CVE-2011-2505 - Vulnerability Database
phpMyAdmin

phpMyAdmin Improper Control of Generation of Code (Code Injection) Vulnerability - CVE-2011-2505

Medium
Reference: CVE-2011-2505
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2011-2505
Title: phpMyAdmin Improper Control of Generation of Code (Code Injection) Vulnerability
Overview:

libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns values to arbitrary parameters referenced in the query string which allows remote attackers to modify the SESSION superglobal array via a crafted request related to a quotremote variable manipulation vulnerability.quot