phpMoAdmin remote code execution - Vulnerability Database

phpMoAdmin remote code execution

Description

phpMoAdmin is a MongoDB administration tool for PHP. A remote code execution vulnerability was reported in this web application. Also, this application is not designed to be publicly accessible and doesn't have any type of authorization so anybody can remotely view and modify your MongoDB databases.

Remediation

Restrict access to the moadmin.php file. This application is not designed to be publicly accessible.

References

PHPMoAdmin Unauthorized Remote Code Execution

Related Vulnerabilities

Severity

High

Classification

CWE-95

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N