CVE-2010-3055

CVE-2010-3055 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The configuration setup script (aka scripts/setup.php) in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request.

Learn more about our Web Application Penetration Testing UK.