An issue exists in phpMyAdmin prior to 4.9.2. A crafted database/table name can be used to trigger a SQL injection attack through the designer feature.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
phpmyadmin phpmyadmin |
||
opensuse leap 15.0 |
||
fedoraproject fedora 30 |
||
opensuse leap 15.1 |
||
fedoraproject fedora 31 |
||
opensuse backports sle 15.0 |