arrow_back
search
close

phpMyAdmin 'server_databases.php' Remote Command Execution Vulnerability

  Severity: HIGH
  Advisory Date: JUL 21, 2015

  DESCRIPTION

libraries/database_interface.lib.php in phpMyAdmin before 2.11.9.1 allows remote authenticated users to execute arbitrary code via a request to server_databases.php with a sort_by parameter containing PHP sequences, which are processed by create_function.

  TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

  SOLUTION

  Trend Micro Deep Security DPI Rule Number: 1006097