CVE-2020-10802 vulnerability in phpMyAdmin and Other Products
Published on March 22, 2020

In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a crafted database or table name. The attack can be performed if a user attempts certain search operations on the malicious database or table.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2020-10802

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-10802 are published in these products:

phpMyAdmin

Debian Linux

Fedora Project Fedora

OpenSuse Leap

OpenSuse Backports Sle

Exploit Probability

EPSS

1.62%

Percentile

81.57%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-10802 vulnerability in phpMyAdmin and Other ProductsPublished on March 22, 2020

Products Associated with CVE-2020-10802

Exploit Probability

CVE-2020-10802 vulnerability in phpMyAdmin and Other Products
Published on March 22, 2020