Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: CGI abuses --> Category: attack

PHPMyAdmin subform File Inclusion Vulnerability Vulnerability Scan

Vulnerability Scan Summary
Checks for subform file inclusion vulnerability in PHPMyAdmin

Detailed Explanation for this Vulnerability Test

Synopsis :

The remote web server contains a PHP application that is prone to a
local file inclusion flaw.

Description :

The version of phpMyAdmin installed on the remote host allows
attackers to read and possibly execute code from arbitrary files on
the local host because of its failure to sanitize the parameter
'subform' before using it in the 'libraries/grab_globals.lib.php'

See also :

Solution :

Upgrade to phpMyAdmin 2.6.4-pl2 or later.

Threat Level:

Medium / CVSS Base Score : 4

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.