Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2020-26935 - Vulnerability Database
phpMyAdmin

phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2020-26935

Critical
Reference: CVE-2020-26935
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-26935
Title: phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:

An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. A SQL injection vulnerability was discovered in how phpMyAdmin processes SQL statements in the search feature. An attacker could use this flaw to inject malicious SQL in to a query.