Description

SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified interface parameters.

Remediation

References

CVE-2009-3697

Related Vulnerabilities

Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1000816)

Oracle JRE CVE-2013-2473 Vulnerability (CVE-2013-2473)

Roundcube Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-3507)

Microsoft SQL Server CVE-2023-21528 Vulnerability (CVE-2023-21528)

Drupal Core 9.1.x Cross-Site Scripting (9.1.0 - 9.1.8)

Severity

High

Classification

CVE-2009-3697 CWE-138

Tags

Missing Update Known Vulnerabilities