CVE-2009-1285

EPSS 36.1%

Published: 4/16/2009Modified: 5/7/2026

Also known as:DEBIAN-CVE-2009-1285

Description

Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files.

Affected packages (1)

Debian/phpmyadminfrom 0, < 4:3.1.3.2-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-1285