← back
CVE-2012-5159

CVE-2012-5159

EPSS 74.5%
phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote attackers to execute arbitrary PHP code via an eval injection attack.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/21834unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://seclists.org/oss-sec/2012/q3/562http://sourceforge.net/blog/phpmyadmin-back-door/http://www.phpmyadmin.net/home_page/security/PMASA-2012-5.phphttp://www.securityfocus.com/bid/55672