Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
libraries/server_synchronize.lib.php in the Synchronize implementation in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly quote regular expressions, which allows remote authenticated users to inject a PCRE e (aka PREG_REPLACE_EVAL) modifier, and consequently execute arbitrary PHP code, by leveraging the ability to modify the SESSION superglobal array.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
phpMyAdmin 'PMA_createTargetTables()'函数任意PHP代码执行漏洞
Vulnerability Description
phpMyAdmin是phpMyAdmin团队开发的一套免费的、基于Web的MySQL数据库管理工具。该工具能够创建和删除数据库,创建、删除、修改数据库表,执行SQL脚本命令等。 phpMyAdmin 3.3.10.2之前的3.x版本和3.4.3.1之前的3.4.x版本的Synchronize实现中存在代码注入漏洞,该漏洞源于传递到libraries/server_synchronize.lib.php中的“PMA_createTargetTables()”函数的输入在调用带有e修饰符的“preg_rep
CVSS Information
N/A
Vulnerability Type
N/A