OpenCVE

The Portable phpMyAdmin plugin before 1.3.1 for WordPress allows remote attackers to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Phpmyadmin	Phpmyadmin
Wordpress	Wordpress

Configuration 1 [-]

AND

OR	cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.0:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.1:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.2:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.3:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.4:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.5:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.6:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.6:a::::::
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.7:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.8:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.1:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.2:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.1:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.2:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.3:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.4:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.5:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.6:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.7:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.8:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.9:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.9.1:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.9.2:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.9.3:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.9.4:b::::::
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.9.4:c::::::
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.9.5:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.3:::::::*
	cpe:2.3:a:phpmyadmin:phpmyadmin:1.3:alpha::::::

cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://archives.neohapsis.com/archives/bugtraq/2012-12/0092.html
http://wordpress.org/extend/plugins/portable-phpmyadmin/changelog/

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2012-12-20T11:00:00Z

Updated: 2024-09-17T00:40:45.630Z

Reserved: 2012-10-24T00:00:00Z

Link: CVE-2012-5469

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2012-12-20T12:02:18.607

Modified: 2012-12-28T05:00:00.000

Link: CVE-2012-5469

Redhat

No data.

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object