CVE-2020-5504 vulnerability in phpMyAdmin and Other Products
Published on January 9, 2020

In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server.

Vendor Advisory NVD

Products Associated with CVE-2020-5504

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-5504 are published in these products:

phpMyAdmin

Debian Linux

Suse Linux Enterprise Server

Exploit Probability

EPSS

23.14%

Percentile

95.81%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-5504 vulnerability in phpMyAdmin and Other ProductsPublished on January 9, 2020

Products Associated with CVE-2020-5504

Exploit Probability

CVE-2020-5504 vulnerability in phpMyAdmin and Other Products
Published on January 9, 2020