CVE-2008-4096

Source
https://nvd.nist.gov/vuln/detail/CVE-2008-4096
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2008-4096.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2008-4096
Downstream
Published
2008-09-18T15:04:27Z
Modified
2025-08-09T19:01:28Z
Summary
[none]
Details

libraries/databaseinterface.lib.php in phpMyAdmin before 2.11.9.1 allows remote authenticated users to execute arbitrary code via a request to serverdatabases.php with a sortby parameter containing PHP sequences, which are processed by createfunction.

References

Affected packages