Vulnerability
Due to a static code injection vulnerability in setup.php, remote attackers can inject arbitrary PHP code into a configuration file via the save action in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1.
Mitigation / Precaution
In order to patch this vulnerability, please install the official patch PhpMyAdmin made available for supported, vulnerable instances.
Written by
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
