Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
phpMyAdmin Improper Restriction of XML External Entity Reference Vulnerability - CVE-2011-4107 - Vulnerability Database
phpMyAdmin

phpMyAdmin Improper Restriction of XML External Entity Reference Vulnerability - CVE-2011-4107

Medium
Reference: CVE-2011-4107
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2011-4107
Title: phpMyAdmin Improper Restriction of XML External Entity Reference Vulnerability
Overview:

The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity references aka an XML external entity (XXE) injection attack.