ID:4226 - Exploit for Input validation error in phpMyAdmin - CVE-2013-3238

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:4226 - Exploit for Input validation error in phpMyAdmin - CVE-2013-3238

ID:4226 - Exploit for Input validation error in phpMyAdmin - CVE-2013-3238

Published: August 11, 2020


Vulnerability identifier: #VU42864
Vulnerability risk: Low
CVE-ID: CVE-2013-3238
CWE-ID: CWE-20
Exploitation vector: Remote access
Vulnerable software:
phpMyAdmin

Link to public exploit:


Vulnerability description

The vulnerability allows a remote #AU# to read and manipulate data.

phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute arbitrary code via a /ex00 sequence, which is not properly handled before making a preg_replace function call within the "Replace table prefix" feature.


Remediation

Install update from vendor's website.