Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2012-5159

Published: 25/09/2012 Updated: 26/01/2013
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Phpmyadmin

Vulnerability Summary

phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote malicious users to execute arbitrary PHP code via an eval injection attack.

Vulnerable Product Search on Vulmon Subscribe to Product

phpmyadmin phpmyadmin 3.5.2.2

Exploits

Exploit DB: phpMyAdmin 3.5.2.2 - 'server_sync.php' Backdoor (Metasploit)
## # $Id$ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # web site for more information on licensing and terms of use # metasploitcom/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking include M ...

References

CWE-94http://seclists.org/oss-sec/2012/q3/562http://www.phpmyadmin.net/home_page/security/PMASA-2012-5.phphttp://sourceforge.net/blog/phpmyadmin-back-door/http://www.securityfocus.com/bid/55672https://nvd.nist.govhttps://www.exploit-db.com/exploits/21834/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671unauthorizedCVE-2024-4776CVE-2024-3407CVE-2024-26026CVE-2024-32888wirelessCVE-2024-4656template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook