Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-40619

Published: 20/09/2023 Updated: 03/11/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Phppgadmin Project

Vulnerability Summary

phpPgAdmin 7.14.4 and previous versions is vulnerable to deserialization of untrusted data which may lead to remote code execution because user-controlled data is directly passed to the PHP 'unserialize()' function in multiple places. An example is the functionality to manage tables in 'tables.php' where the 'ma[]' POST parameter is deserialized.

Vulnerable Product Search on Vulmon Subscribe to Product

phppgadmin project phppgadmin

Vendor Advisories

Debian CVElist Bug Report Logs: phppgadmin: CVE-2023-40619
Debian Bug report logs - #1053004 phppgadmin: CVE-2023-40619 Package: src:phppgadmin; Maintainer for src:phppgadmin is Debian PostgreSQL Maintainers <team+postgresql@trackerdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 26 Sep 2023 20:48:01 UTC Severity: important Tags: security, upstr ...

References

CWE-502https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-40619https://lists.debian.org/debian-lts-announce/2023/11/msg00000.htmlhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053004https://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-29895injectCVE-2023-52689CVE-2024-5049CVE-2024-5051privilege escalationphysicalCVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook