CVE Vulnerabilities

CVE-2013-3241

Published: Apr 26, 2013 | Modified: Nov 19, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

export.php (aka the export script) in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request.

Affected Software

Name Vendor Start Version End Version
Phpmyadmin Phpmyadmin 4.0.0 4.0.0

References