CVE-2013-3239
CVE-2013-3239
phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable file by the Apache HTTP Server, as demonstrated by a .php.sql filename.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/25003unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://archives.neohapsis.com/archives/bugtraq/2013-04/0217.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2013-May/104725.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2013-May/104770.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2013-May/104936.htmlhttp://lists.opensuse.org/opensuse-updates/2013-06/msg00181.htmlhttps://github.com/phpmyadmin/phpmyadmin/commit/1f6bc0b707002e26cab216b9e57b4d5de764de48https://github.com/phpmyadmin/phpmyadmin/commit/d3fafdfba0807068196655e9b6d16c5d1d3ccf8ahttps://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0133http://www.mandriva.com/security/advisories?name=MDVSA-2013:160http://www.phpmyadmin.net/home_page/security/PMASA-2013-3.php