Information security specialists have reported two critical vulnerabilities in phpMyAdmin, the PHP-based tool for administering MySQL through a web interface. According to the report, exploiting these flaws would allow malicious users to deploy remote code execution attacks.
Below are brief descriptions of the reported flaws, along with their scores under the Common Vulnerability Scoring System (CVSS). Note that these vulnerabilities have not been assigned an identifier.
The first flaw exists due to insufficient sanitization of user input within the transform function in phpMyAdmin. Remote threat actors can trick a target user into following a specially crafted link, causing arbitrary HTML and script code to run in the user's browser in the context of the vulnerable website.
A successful attack would allow the theft of sensitive information, modification of the appearance of a website and even the deployment of phishing attacks. The flaw received a score of 5.3/10.
The second vulnerability exists due to insufficient sanitization of user input within SearchController. Malicious hackers could leverage it to send specially crafted requests to the affected software and execute arbitrary SQL commands on a database within phpMyAdmin.
The flaw received a score of 5.5/10; successful exploitation would allow remote threat actors to read, delete and modify the information in the database in order to gain complete control over the affected applications.
These vulnerabilities reside in the following versions of phpMyAdmin: 4.0, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4.1, 4.0.4.2, 4.0.5, 4.0.6, 4.0.7, 4.0.8, 4.0.9, 4.0.10, 4.0.10.0, 4.0.10.1, 4.0.10.2, 4.0.10.3, 4.0.10.4, 4.0.10.5, 4.0.10.6, 4.0.10.7, 4.0.10.8, 4.0.10.9, 4.0.10.10, 4.0.10.11, 4.0.10.12, 4.0.10.13, 4.0.10.14, 4.0.10.15, 4.0.10.16, 4.0.10.17, 4.0.10.18, 4.0.10.19, 4.0.10.20, 4.1.0, 4.1.1, 4.1.2, 4.1.3, 4.1.4, 4.1.5, 4.1.6, 4.1.7, 4.1.8, 4.1.9, 4.1.10, 4.1.11, 4.1.12, 4.1.13, 4.1.14, 4.1.14.1, 4.1.14.2, 4.1.14.3, 4.1.14.4, 4.1.14.5, 4.1.14.6, 4.1.14.7, 4.1.14.8, 4.2.0, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 4.2.5, 4.2.6, 4.2.7, 4.2.7.1, 4.2.8, 4.2.8.1, 4.2.9, 4.2.9.1, 4.2.10, 4.2.10.1, 4.2.11, 4.2.12, 4.2.13, 4.2.13.1, 4.2.13.2, 4.2.13.3, 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.3.5, 4.3.6, 4.3.7, 4.3.8, 4.3.9, 4.3.10, 4.3.11, 4.3.11.1, 4.3.12, 4.3.13, 4.3.13.1, 4.3.13.2, 4.3.13.3, 4.4, 4.4.0, 4.4.0.0, 4.4.1, 4.4.1.1, 4.4.2, 4.4.3, 4.4.4, 4.4.5, 4.4.5.0, 4.4.6, 4.4.6.0, 4.4.6.1, 4.4.7, 4.4.8, 4.4.9, 4.4.9.0, 4.4.10, 4.4.11, 4.4.11.0, 4.4.12, 4.4.13, 4.4.13.1, 4.4.14, 4.4.14.1, 4.4.15, 4.4.15.1, 4.4.15.2, 4.4.15.3, 4.4.15.4, 4.4.15.5, 4.4.15.6, 4.4.15.7, 4.4.15.8, 4.4.15.9, 4.4.15.10, 4.5.0, 4.5.0.1, 4.5.0.2, 4.5.1, 4.5.2, 4.5.3, 4.5.3.1, 4.5.4, 4.5.4.1, 4.5.5, 4.5.5.1, 4.6, 4.6.0, 4.6.1, 4.6.2, 4.6.3, 4.6.4, 4.6.5, 4.6.5.1, 4.6.5.2, 4.6.6, 4.7.0, 4.7.0-beta1, 4.7.0-rc1, 4.7.1, 4.7.2, 4.7.3, 4.7.4, 4.7.5, 4.7.6, 4.7.7, 4.7.8, 4.7.9, 4.8.0, 4.8.0.1, 4.8.1, 4.8.2, 4.8.3, 4.8.4, 4.8.5, 4.9.0, 4.9.0.1, 4.9.1, 4.9.2, 4.9.3, 4.9.4, 4.9.5, 5.0.0, 5.0.1, 5.0.2.
While these flaws could be exploited by unauthenticated remote threat actors, no exploitation attempts in real-world scenarios have been reported so far. The vulnerabilities have already been fixed, so users of affected versions only need to upgrade to the latest version for their deployment.
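To triage an inventory against the version list above, the following added example (not part of the original report and not phpMyAdmin code) classifies version strings as a scanner or package manager might report them. It assumes every release between the lowest and highest listed version of each major line is affected; the function names and the inventory are constructed for illustration.

```python
import re

# Ranges derived from the lowest and highest releases in the article's list
# (assumption: every release between the listed endpoints is affected).
AFFECTED_RANGES = [((4, 0, 0), (4, 9, 5)), ((5, 0, 0), (5, 0, 2))]

# Optional leading "v", 2-4 numeric components, optional packaging suffix.
_VERSION_RE = re.compile(r"^\s*v?(\d+(?:\.\d+){1,3})(?:[-+~].*)?\s*$")


def parse_version(text):
    """Return (major, minor, patch), or None if the string is not a version.

    Pre-release and packaging suffixes (-rc1, -beta1, +dfsg1-2) are ignored
    and a fourth component (4.0.10.20) is dropped, so the comparison errs on
    the side of flagging a host.
    """
    match = _VERSION_RE.match(text)
    if not match:
        return None
    parts = [int(p) for p in match.group(1).split(".")]
    parts += [0] * (3 - len(parts))
    return tuple(parts[:3])


def classify(text):
    """Return 'affected', 'not-listed' or 'unknown' for a version string."""
    version = parse_version(text)
    if version is None:
        return "unknown"  # needs manual review, never silently passed
    if any(low <= version <= high for low, high in AFFECTED_RANGES):
        return "affected"
    return "not-listed"


# Constructed inventory: host name -> reported phpMyAdmin version string.
INVENTORY = {
    "db-admin-01": "4.0.10.20",
    "db-admin-02": "4.9.5+dfsg1-2",
    "db-admin-03": "4.7.0-rc1",
    "db-admin-04": "5.0.3",
    "db-admin-05": "latest",
}

if __name__ == "__main__":
    for host, reported in sorted(INVENTORY.items()):
        print(f"{host}\t{reported}\t{classify(reported)}")
```

Hosts reported as "unknown" carry a version string the parser could not read and should be checked by hand rather than treated as unaffected.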