CVE-2009-3697

SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified interface parameters.

Published: Oct 16, 2009
Updated: Nov 9, 2025
CVE: CVE-2009-3697
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
phpmyadmin / phpmyadmin	3.0.1.1	3.0.1.1.x
phpmyadmin / phpmyadmin	2.11.4	2.11.4.x
phpmyadmin / phpmyadmin	3.2.1	3.2.1.x
phpmyadmin / phpmyadmin	3.2.0-beta1	3.2.0-beta1.x
phpmyadmin / phpmyadmin	2.11.1.2	2.11.1.2.x
phpmyadmin / phpmyadmin	3.1.4	3.1.4.x
phpmyadmin / phpmyadmin	3.1.3-1	3.1.3-1.x
phpmyadmin / phpmyadmin	3.1.3	3.1.3.x
phpmyadmin / phpmyadmin	2.11.5.1	2.11.5.1.x
phpmyadmin / phpmyadmin	2.11.1	2.11.1.x
phpmyadmin / phpmyadmin	2.11.5.0	2.11.5.0.x
phpmyadmin / phpmyadmin	3.2.0	3.2.0.x
phpmyadmin / phpmyadmin	3.1.0-beta1	3.1.0-beta1.x
phpmyadmin / phpmyadmin	3.2.1-rc1	3.2.1-rc1.x
phpmyadmin / phpmyadmin	3.1.2	3.1.2.x
phpmyadmin / phpmyadmin	2.11.9.0	2.11.9.0.x
phpmyadmin / phpmyadmin	3.0.0-beta	3.0.0-beta.x
phpmyadmin / phpmyadmin	3.0.0-alpha	3.0.0-alpha.x
phpmyadmin / phpmyadmin	2.11.9.1	2.11.9.1.x
phpmyadmin / phpmyadmin	2.11.0-beta1	2.11.0-beta1.x
phpmyadmin / phpmyadmin	2.11.2	2.11.2.x
phpmyadmin / phpmyadmin	2.11.7	2.11.7.x
phpmyadmin / phpmyadmin	3.1.0	3.1.0.x
phpmyadmin / phpmyadmin	2.11.5	2.11.5.x
phpmyadmin / phpmyadmin	2.11.5.2	2.11.5.2.x
phpmyadmin / phpmyadmin	2.11.2.2	2.11.2.2.x
phpmyadmin / phpmyadmin	3.0.0	3.0.0.x
phpmyadmin / phpmyadmin	2.11.1-rc1	2.11.1-rc1.x
phpmyadmin / phpmyadmin	3.2.0.1	3.2.0.1.x
phpmyadmin / phpmyadmin	2.11.5-rc1	2.11.5-rc1.x
phpmyadmin / phpmyadmin	2.11.8	2.11.8.x
phpmyadmin / phpmyadmin	3.0.0-rc1	3.0.0-rc1.x
phpmyadmin / phpmyadmin	2.11.4.0	2.11.4.0.x
phpmyadmin / phpmyadmin	3.1.5-rc1	3.1.5-rc1.x
phpmyadmin / phpmyadmin	2.11.3	2.11.3.x
phpmyadmin / phpmyadmin	2.11.2.1	2.11.2.1.x
phpmyadmin / phpmyadmin	3.1.5	3.1.5.x
phpmyadmin / phpmyadmin	3.1.1-rc1	3.1.1-rc1.x
phpmyadmin / phpmyadmin	3.1.4-rc2	3.1.4-rc2.x
phpmyadmin / phpmyadmin	2.11.3-rc1	2.11.3-rc1.x
phpmyadmin / phpmyadmin	2.11.0-rc1	2.11.0-rc1.x
phpmyadmin / phpmyadmin	2.11.9.5	2.11.9.5.x
phpmyadmin / phpmyadmin	3.1.1	3.1.1.x
phpmyadmin / phpmyadmin	2.11.6.0	2.11.6.0.x
phpmyadmin / phpmyadmin	2.11.7.0	2.11.7.0.x
phpmyadmin / phpmyadmin	3.1.3-rc1	3.1.3-rc1.x
phpmyadmin / phpmyadmin	3.1.3.2	3.1.3.2.x
phpmyadmin / phpmyadmin	2.11.2.0	2.11.2.0.x
phpmyadmin / phpmyadmin	2.11.9.2	2.11.9.2.x
phpmyadmin / phpmyadmin	2.11.9.3	2.11.9.3.x
phpmyadmin / phpmyadmin	2.11.4-rc1	2.11.4-rc1.x
phpmyadmin / phpmyadmin	2.11.1.1	2.11.1.1.x
phpmyadmin / phpmyadmin	2.11.6	2.11.6.x
phpmyadmin / phpmyadmin	3.0.1	3.0.1.x
phpmyadmin / phpmyadmin	2.11.9	2.11.9.x
phpmyadmin / phpmyadmin	2.11.0beta1	2.11.0beta1.x
phpmyadmin / phpmyadmin	3.1.0.0	3.1.0.0.x
phpmyadmin / phpmyadmin	2.11.9.4	2.11.9.4.x
phpmyadmin / phpmyadmin	3.1.3.1	3.1.3.1.x
phpmyadmin / phpmyadmin	2.11.3.0	2.11.3.0.x
phpmyadmin / phpmyadmin	2.11.0.0	2.11.0.0.x
phpmyadmin / phpmyadmin	3.1.2-rc1	3.1.2-rc1.x
phpmyadmin / phpmyadmin	3.2.0-rc1	3.2.0-rc1.x
phpmyadmin / phpmyadmin	3.2.2	3.2.2.x
phpmyadmin / phpmyadmin	3.0.1-rc1	3.0.1-rc1.x
phpmyadmin / phpmyadmin	2.11.6-rc1	2.11.6-rc1.x
phpmyadmin / phpmyadmin	2.11.1.0	2.11.1.0.x
phpmyadmin / phpmyadmin	3.2.2-rc1	3.2.2-rc1.x
phpmyadmin / phpmyadmin	2.11.0	2.11.0.x

Vulnerability Database

315,050

CVE-2009-3697

Deep Security Visibility Without the Complexity