CVE-2010-4481
CVE-2010-4481
phpMyAdmin before 3.4.0-beta1 allows remote attackers to bypass authentication and obtain sensitive information via a direct request to phpinfo.php, which calls the phpinfo function.
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commitdiff%3Bh=4d9fd005671b05c4d74615d5939ed45e4d019e4chttp://secunia.com/advisories/42485http://secunia.com/advisories/42725http://www.debian.org/security/2010/dsa-2139http://www.mandriva.com/security/advisories?name=MDVSA-2011:000http://www.phpmyadmin.net/home_page/security/PMASA-2010-10.phphttp://www.vupen.com/english/advisories/2010/3238http://www.vupen.com/english/advisories/2011/0001http://www.vupen.com/english/advisories/2011/0027