An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. A SQL injection vulnerability was discovered in how phpMyAdmin processes SQL statements in the search feature. An attacker could use this flaw to inject malicious SQL in to a query.
{ "severity": "Critical", "cpes": [ "cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*" ] }