An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. An attacker must be authenticated, except in the $cfg[AllowArbitraryServer] = true case (where an attacker can specify any host he/she is already in control of, and execute arbitrary code on phpMyAdmin) and the $cfg[ServerDefault] = 0 case (which bypasses the login requirement and runs the vulnerable code without any authentication).
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Phpmyadmin | Phpmyadmin | 4.8.0 (including) | 4.8.2 (excluding) |
Phpmyadmin | Ubuntu | artful | * |
Phpmyadmin | Ubuntu | upstream | * |