Advisories » MGASA-2019-0357

Updated phpmyadmin packages fix security vulnerability

Publication date: 06 Dec 2019
Modification date: 06 Dec 2019
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-18622

Description

An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/
table name can be used to trigger a SQL injection attack through the
designer feature (CVE-2019-18622).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=25725
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18622

SRPMS

7/core

• phpmyadmin-4.9.2-1.mga7