Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4
CVSSv2

CVE-2013-3241

Published: 26/04/2013 Updated: 19/11/2013
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
VMScore: 405
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N
Subscribe to Phpmyadmin

Vulnerability Summary

export.php (aka the export script) in phpMyAdmin 4.x prior to 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request.

Vulnerable Product Search on Vulmon Subscribe to Product

phpmyadmin phpmyadmin 4.0.0

Exploits

Exploit DB: phpMyAdmin 3.5.8/4.0.0-RC2 - Multiple Vulnerabilities
[waraxe-2013-SA#103] - Multiple Vulnerabilities in phpMyAdmin =============================================================================== Author: Janek Vind "waraxe" Date: 25 April 2013 Location: Estonia, Tartu Web: wwwwaraxeus/advisory-103html Description of vulnerable software: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ...
Exploit DB: phpMyAdmin 3.5.8 / 4.0.0-RC2 Code Execution / LFI / Overwrite
phpMyAdmin versions 358 and 400-RC2 suffer from multiple remote code execution, local file inclusion, and array overwrite vulnerabilities ...

References

NVD-CWE-noinfohttp://www.phpmyadmin.net/home_page/security/PMASA-2013-5.phphttp://archives.neohapsis.com/archives/bugtraq/2013-04/0217.htmlhttps://nvd.nist.govhttps://www.exploit-db.com/exploits/25003/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionCVE-2006-4304CVE-2023-26603CVE-2024-28327CVE-2023-50363CVE-2024-21905template injectionCVE-2024-3400cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook