CVE-2010-4481

phpMyAdmin before 3.4.0-beta1 allows remote attackers to bypass authentication and obtain sensitive information via a direct request to phpinfo.php, which calls the phpinfo function.

Published: Dec 17, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-4481
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-287

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
phpmyadmin / phpmyadmin	3.0.1.1	3.0.1.1.x
phpmyadmin / phpmyadmin	3.2.1	3.2.1.x
phpmyadmin / phpmyadmin	2.11.1.2	2.11.1.2.x
phpmyadmin / phpmyadmin	3.1.4	3.1.4.x
phpmyadmin / phpmyadmin	3.1.3	3.1.3.x
phpmyadmin / phpmyadmin	2.11.5.1	2.11.5.1.x
phpmyadmin / phpmyadmin	2.11.5.0	2.11.5.0.x
phpmyadmin / phpmyadmin	3.3.8.1	3.3.8.1.x
phpmyadmin / phpmyadmin	-	3.3.9.0.x
phpmyadmin / phpmyadmin	3.2.0	3.2.0.x
phpmyadmin / phpmyadmin	3.2.1-rc1	3.2.1-rc1.x
phpmyadmin / phpmyadmin	3.1.2	3.1.2.x
phpmyadmin / phpmyadmin	2.11.9.0	2.11.9.0.x
phpmyadmin / phpmyadmin	3.1.0-beta1	3.1.0-beta1.x
phpmyadmin / phpmyadmin	2.11.9.1	2.11.9.1.x
phpmyadmin / phpmyadmin	3.3.3.0	3.3.3.0.x
phpmyadmin / phpmyadmin	3.0.0-alpha	3.0.0-alpha.x
phpmyadmin / phpmyadmin	3.3.4.0	3.3.4.0.x
phpmyadmin / phpmyadmin	3.1.0	3.1.0.x
phpmyadmin / phpmyadmin	2.11.5.2	2.11.5.2.x
phpmyadmin / phpmyadmin	2.11.2.2	2.11.2.2.x
phpmyadmin / phpmyadmin	3.0.0	3.0.0.x
phpmyadmin / phpmyadmin	3.2.0-beta1	3.2.0-beta1.x
phpmyadmin / phpmyadmin	2.11.8.0	2.11.8.0.x
phpmyadmin / phpmyadmin	3.3.1.0	3.3.1.0.x
phpmyadmin / phpmyadmin	3.3.7	3.3.7.x
phpmyadmin / phpmyadmin	3.0.0-rc1	3.0.0-rc1.x
phpmyadmin / phpmyadmin	2.11.4.0	2.11.4.0.x
phpmyadmin / phpmyadmin	3.1.5-rc1	3.1.5-rc1.x
phpmyadmin / phpmyadmin	2.11.2.1	2.11.2.1.x
phpmyadmin / phpmyadmin	3.1.5	3.1.5.x
phpmyadmin / phpmyadmin	3.1.1-rc1	3.1.1-rc1.x
phpmyadmin / phpmyadmin	3.1.4-rc2	3.1.4-rc2.x
phpmyadmin / phpmyadmin	3.3.5.0	3.3.5.0.x
phpmyadmin / phpmyadmin	2.11.9.5	2.11.9.5.x
phpmyadmin / phpmyadmin	2.11.10.0	2.11.10.0.x
phpmyadmin / phpmyadmin	3.1.1	3.1.1.x
phpmyadmin / phpmyadmin	2.11.6.0	2.11.6.0.x
phpmyadmin / phpmyadmin	3.3.0.0	3.3.0.0.x
phpmyadmin / phpmyadmin	3.3.6	3.3.6.x
phpmyadmin / phpmyadmin	3.3.2.0	3.3.2.0.x
phpmyadmin / phpmyadmin	2.11.7.0	2.11.7.0.x
phpmyadmin / phpmyadmin	2.11.9.6	2.11.9.6.x
phpmyadmin / phpmyadmin	3.1.3-rc1	3.1.3-rc1.x
phpmyadmin / phpmyadmin	3.1.3.2	3.1.3.2.x
phpmyadmin / phpmyadmin	2.11.2.0	2.11.2.0.x
phpmyadmin / phpmyadmin	2.11.9.2	2.11.9.2.x
phpmyadmin / phpmyadmin	2.11.9.3	2.11.9.3.x
phpmyadmin / phpmyadmin	3.3.5.1	3.3.5.1.x
phpmyadmin / phpmyadmin	3.0.0-beta	3.0.0-beta.x
phpmyadmin / phpmyadmin	2.11.1.1	2.11.1.1.x
phpmyadmin / phpmyadmin	3.0.1	3.0.1.x
phpmyadmin / phpmyadmin	2.11.9.4	2.11.9.4.x
phpmyadmin / phpmyadmin	3.1.3.1	3.1.3.1.x
phpmyadmin / phpmyadmin	2.11.7.1	2.11.7.1.x
phpmyadmin / phpmyadmin	2.11.3.0	2.11.3.0.x
phpmyadmin / phpmyadmin	3.1.2-rc1	3.1.2-rc1.x
phpmyadmin / phpmyadmin	3.3.8	3.3.8.x
phpmyadmin / phpmyadmin	3.2.0-rc1	3.2.0-rc1.x
phpmyadmin / phpmyadmin	3.2.2	3.2.2.x
phpmyadmin / phpmyadmin	3.0.1-rc1	3.0.1-rc1.x
phpmyadmin / phpmyadmin	2.11.1.0	2.11.1.0.x
phpmyadmin / phpmyadmin	3.2.2-rc1	3.2.2-rc1.x
phpmyadmin / phpmyadmin	2.11.0	2.11.0.x
phpmyadmin / phpmyadmin	2.11.10.1	2.11.10.1.x

Vulnerability Database

CVE-2010-4481

Deep Security Visibility Without the Complexity