Download Ransomware Index Update Q1 2022
Back to all zero days

SQL Injection with Missing Functional Level Access in phpMyAdmin

Affected Vendor

phpMyAdmin

Status

Fixed

Date

Dec 12, 2019

High Severity

Description

A SQL injection (SQLi) refers to an injection attack wherein an attacker can execute malicious SQL statements that control a web application's database server. Missing functional level access flaws allow attackers to access unauthorized functionality. SQL injection (SQLi) vulnerability was identified with the conjunction of missing function level access in the latest version of the phpMyAdmin database. The vulnerability affects http://localhost/phpmyadmin/server_privileges.php, username.

Proof of concept: (POC)

The following vulnerability was tested on phpMyAdmin version 5.0. 

Issue: SQL Injection with missing functional level access: 

1. Log in to the phpMyAdmin GUI 

2. Installed PhpMyAdmin (Version 5.0)

Figure 01: phpMyAdmin Installed Version 5.0.0

Figure 02: List of user accounts and privileges in the database.

Figure 03: Test user doesn’t have global privileges just for information.