Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
phpMyAdmin Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability - CVE-2020-11441 - Vulnerability Database
phpMyAdmin

phpMyAdmin Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability - CVE-2020-11441

Medium
Reference: CVE-2020-11441
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-11441
Title: phpMyAdmin Improper Neutralization of Special Elements in Output Used by a Downstream Component (Injection) Vulnerability
Overview:

phpMyAdmin 5.0.2 allows CRLF injection as demonstrated by 0D0Astring0D0A inputs to login form fields causing CRLF sequences to be reflected on an error page. NOTE: the vendor states quotI don39t see anything specifically exploitable.