SQL Injection Affecting phpmyadmin package, versions <4:5.0.4+dfsg1-1
Threat Intelligence
EPSS
0.14% (51st
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-DEBIAN11-PHPMYADMIN-3317142
- published 9 Feb 2023
- disclosed 26 Jan 2023
Introduced: 26 Jan 2023
CVE-2020-22452 Open this link in a new tabHow to fix?
Upgrade Debian:11 phpmyadmin to version 4:5.0.4+dfsg1-1 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream phpmyadmin package and not the phpmyadmin package as distributed by Debian.
See How to fix? for Debian:11 relevant fixed versions and status.
SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5.2.0 via the tbl_storage_engine or tbl_collation parameters to tbl_create.php.
CVSS Scores
version 3.1