Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2009-04-16 08:12
Updated : 2009-04-27 22:39
NVD link : CVE-2009-1285
Mitre link : CVE-2009-1285
JSON object : View
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')
Products Affected
phpmyadmin
- phpmyadmin