CVE-2013-3241

export.php (aka the export script) in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request.

Published: Apr 26, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-3241
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
phpmyadmin / phpmyadmin	4.0.0-rc2	4.0.0-rc2.x

http://archives.neohapsis.com/archives/bugtraq/2013-04/0217.html
http://www.phpmyadmin.net/home_page/security/PMASA-2013-5.php

Vulnerability Database

289,871

CVE-2013-3241