CVE-2010-3055
CVE-2010-3055 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
The configuration setup script (aka scripts/setup.php) in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request.
Learn more about our Web Application Penetration Testing UK.