Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns values to arbitrary parameters referenced in the query string, which allows remote attackers to modify the SESSION superglobal array via a crafted request, related to a "remote variable manipulation vulnerability."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
phpMyAdmin Swekey认证功能变量修改漏洞
Vulnerability Description
phpMyAdmin是phpMyAdmin团队开发的一套免费的、基于Web的MySQL数据库管理工具。该工具能够创建和删除数据库,创建、删除、修改数据库表,执行SQL脚本命令等。 phpMyAdmin 3.3.10.2之前的3.x版本和3.4.3.1之前的3.4.x版本的Swekey认证功能中的libraries/auth/swekey/swekey.auth.lib.php为已在查询字符串中引用的任意参数分配值。远程攻击者可借助特制请求修改SESSION超全局数组。
CVSS Information
N/A
Vulnerability Type
N/A