Description
phpMyAdmin PHP code injection
An issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected.
Mitigation
Minimal update. May introduce new vulnerabilities or breaking changes.
|
 packagist | | >=4.6 <4.6.4 || >=4.4 <4.4.15.8 || >=4.0 <4.0.10.17 | 4.6.4, 4.4.15.8, 4.0.10.17 |
 alpine v3.2 | | =3.3.10-r0 || =3.3.10-r1 || =3.3.10-r2 || =3.4.11.1-r0 || =3.4.9-r0 || =4.0.0-r0 || =4.0.1-r0 || =4.0.10-r0 || =4.0.2-r0 || =4.0.3-r0 || =4.0.4.1-r0 || =4.0.4.2-r0 || =4.0.5-r0 || =4.0.6-r0 || =4.0.7-r0 || =4.0.8-r0 || =4.0.8-r1 || =4.0.8-r2 || =4.0.9-r0 || =4.1.11-r0 || =4.1.12-r0 || =4.1.13-r0 || =4.1.14-r0 || =4.1.4-r0 || =4.1.5-r0 || =4.1.6-r0 || =4.1.7-r0 || =4.1.8-r0 || =4.1.9-r0 || =4.2.0-r0 || =4.2.1-r0 || =4.2.10-r0 || =4.2.10.1-r0 || =4.2.11-r0 || =4.2.12-r0 || =4.2.13.1-r0 || =4.2.2-r0 || =4.2.3-r0 || =4.2.4-r0 || =4.2.5-r0 || =4.2.6-r0 || =4.2.7-r0 || =4.2.7.1-r0 || =4.2.8-r0 || =4.2.8.1-r0 || =4.2.9-r0 || =4.2.9.1-r0 || =4.3.0-r0 || =4.3.1-r0 || =4.3.10-r0 || =4.3.11.1-r0 || =4.3.12-r0 || =4.3.13-r0 || =4.3.3-r0 || =4.3.4-r0 || =4.3.5-r0 || =4.3.7-r0 || =4.3.8-r0 || =4.3.9-r0 || =4.4.1.1-r0 || =4.4.15-r0 || =4.4.15.1-r0 || =4.4.15.4-r0 || =4.4.15.7-r0 || =4.4.3-r0 || =4.4.4-r0 || =4.4.5-r0 || =4.4.7-r0 || >=0 <4.4.15.8-r0 | 4.4.15.8-r0 |
 debian 11 | | | 4:4.6.4+dfsg1-1 |
debian 12 | | | 4:4.6.4+dfsg1-1 |
debian 13 | | | 4:4.6.4+dfsg1-1 |
