The analysis focused on the changes made in the patches to identify the vulnerable code. Both `libraries/schema/User_Schema.class.php` and `schema_export.php` were modified to validate `$export_type`, which indicates that the previous versions were vulnerable to directory traversal attacks. The function `_processExportSchema` in `User_Schema.class.php` is directly implicated. For `schema_export.php`, the patch does not specify the exact function, but the handling of `$export_type` is critical.
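The class of fix described above, as an added example that is not phpMyAdmin's code or its patch: a request-supplied export type is checked against an allowlist before it can become part of a file path. Every name except `$export_type` is hypothetical, and the base directory, file-name suffix and allowlist values are constructed assumptions.

```php
<?php
// Added illustration; not phpMyAdmin's code. All names except $export_type are hypothetical.

const SCHEMA_DIR = '/app/libraries/schema';          // assumed base directory
const ALLOWED_EXPORT_TYPES = ['pdf', 'svg', 'dia'];  // constructed allowlist

// Unvalidated pattern: the request value becomes part of an include path.
function schemaPathUnvalidated(string $export_type): string
{
    return SCHEMA_DIR . '/' . $export_type . '_schema.php';
}

// Validated pattern: only exact allowlist members ever reach the path.
function schemaPathValidated(string $export_type): string
{
    if (!in_array($export_type, ALLOWED_EXPORT_TYPES, true)) {
        throw new InvalidArgumentException('unsupported export type');
    }
    return SCHEMA_DIR . '/' . $export_type . '_schema.php';
}

// Collapse "." and ".." segments without touching the filesystem.
function normalizePath(string $path): string
{
    $out = [];
    foreach (explode('/', $path) as $seg) {
        if ($seg === '' || $seg === '.') { continue; }
        if ($seg === '..') { array_pop($out); continue; }
        $out[] = $seg;
    }
    return '/' . implode('/', $out);
}

// Constructed sample inputs: one valid type, one traversal string, two malformed values.
foreach (['pdf', '../../uploads/note', 'PDF', ''] as $input) {
    $resolved = normalizePath(schemaPathUnvalidated($input));
    $escapes  = strpos($resolved, SCHEMA_DIR . '/') !== 0;
    try {
        schemaPathValidated($input);
        $verdict = 'accepted';
    } catch (InvalidArgumentException $e) {
        $verdict = 'rejected';
    }
    printf("%-22s unvalidated -> %-40s escapes=%s validated: %s\n",
        var_export($input, true), $resolved, $escapes ? 'yes' : 'no', $verdict);
}
```

The strict `in_array` comparison rejects anything that is not an exact allowlist member, so no separator or `..` segment can reach the path concatenation.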
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| phpmyadmin/phpmyadmin | composer | >= 3.4, < 3.4.3.2 | 3.4.3.2 |