vulnerability

phpMyAdmin: Information Exposure (CVE-2022-0813)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
5	(AV:N/AC:L/Au:N/C:P/I:N/A:N)	Mar 10, 2022	Mar 14, 2022	Mar 7, 2024

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Mar 10, 2022

Added

Mar 14, 2022

Modified

Mar 7, 2024

Description

PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially sensitive information by creating invalid requests. This affects the lang parameter, the pma_parameter, and the cookie section.

Solution

phpmyadmin-upgrade-latest

References

CVE-2022-0813
https://attackerkb.com/topics/CVE-2022-0813
URL-https://security.gentoo.org/glsa/202311-17
URL-https://www.incibe-cert.es/en/early-warning/security-advisories/phpmyadmin-exposure-sensitive-information
URL-https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released/

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today