A specially crafted username through phpmyadmin can be used to trigger an SQL injection attack through the designer weakness – 30th Jan 2019

Preface: phpMyAdmin is a free software tool written in PHP, intended to handle the administration of MySQL over the Web.

Description: Phpmyadmin sometimes similar is a gadget. It can help you reset your WordPress password. It seems to be very useful, but this time the vulnerability is equivalent to the Swiss Army Knife, thus breaking your defense mechanism.

Vulnerability detail: An issue was discovered in phpMyAdmin before 4.8.5. A vulnerability was reported where a specially crafted username can be used to trigger a SQL injection attack through the designer feature.

Official reference: https://www.phpmyadmin.net/security/PMASA-2019-2/

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.