Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
import.php in phpMyAdmin 4.x before 4.0.4.1 does not properly restrict the ability of input data to specify a file format, which allows remote authenticated users to modify the GLOBALS superglobal array, and consequently change the configuration, via a crafted request.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
phpMyAdmin import.php 安全漏洞
Vulnerability Description
phpMyAdmin是phpMyAdmin团队开发的一套免费的、基于Web的MySQL数据库管理工具。该工具能够创建和删除数据库,创建、删除、修改数据库表,执行SQL脚本命令等。 phpMyAdmin 4.0.4.1之前的4.x版本中的import.php中存在漏洞,该漏洞源于程序没有正确限制输入数据到指定文件格式的能力。经过授权的攻击者可通过特制的请求利用该漏洞修改GLOBALS全局数组,从而更改配置。
CVSS Information
N/A
Vulnerability Type
N/A