phpMyAdmin Fixes Severe Local File Inclusion Vulnerability
#1
Quote:The phpMyAdmin team announced the release of the phpMyAdmin version 4.8.4 which comes with a fix for a local file inclusion vulnerability rated as severe, as well as patches for two other moderate severity security issues.

As detailed in the phpMyAdmin PMASA-2018-6 advisory, versions from 4.0 to 4.8.3 of the MySQL and MariaDB administration software suffer from a flaw which could allow potential attackers to exploit the tool and get access to the contents of a local file.

"The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created in any database to which the attacker has access," says the advisory. "An attacker must have valid credentials to log in to phpMyAdmin; this vulnerability does not allow an attacker to circumvent the login system."

In order to avoid having their system compromised using exploits specially crafted to address this flaw, all phpMyAdmin users have to update their installation to 4.8.4 or newer versions.

Source: https://news.softpedia.com/news/phpmyadm...4255.shtml
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
QOwnNotes 19.1.6
24.12.4 The wel...Kool — 12:56
INTEL Arc Graphics 32.0.101.6325/6253 dr...
Highlights Fix...harlan4096 — 11:06
GFYI [Official] Revo Uninstaller Pro v5...
"Share feedback...damien76 — 09:01
GFYI [Official] SpyShelter PRO v15 Chri...
Merry Christmas and ...damien76 — 08:56
GFYI [Official] IObit Christmas 2024 Bl...
Merry Christmas and ...damien76 — 08:54

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>