
CVE-2018-19968:
phpMyAdmin Local file inclusion through transformation feature

CVSS Score: 6.5 (CVSS v3.0)

Basic Information

EPSS Score: 0.85221%
Published: 5/14/2022
Updated: 4/24/2024
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Package Name            Ecosystem   Vulnerable Versions   First Patched Version
phpmyadmin/phpmyadmin   composer    < 4.8.4               4.8.4

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stems from unsafe include_once calls in the transformation-handling code. Transformation plugins were loaded by including a file whose path was built from values stored in the phpMyAdmin configuration storage tables. A user who could write to those tables could therefore point the include at an arbitrary local file, whose contents were then read and leaked. The patch removed these includes and replaced them with class_exists checks, so a plugin is now resolved by class name rather than by a file path derived from table contents; the removed include_once calls mark the vulnerable points.
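The following PHP is an added illustration, not phpMyAdmin's own code. It places a minimal transformation loader in the vulnerable shape the analysis describes (a plugin file path built from a table-stored value and handed to include_once) next to a hardened loader that validates the stored value and resolves it by class name with class_exists. The Demo\Transformations namespace, the COLUMN_INFO_ROWS array standing in for the configuration-storage table, and the "Mime_Type_Name" plugin identifier format are all assumptions made for the example.

```php
<?php
declare(strict_types=1);

// Stub plugin so the hardened loader has something to resolve.
// Hypothetical namespace and class for this illustration; not phpMyAdmin's plugin tree.
namespace Demo\Transformations {
    class Text_Plain_Bool2Text
    {
        public function applyTransformation(string $buffer): string
        {
            return $buffer === '1' ? 'True' : 'False';
        }
    }
}

namespace {
    // Constructed rows standing in for the configuration-storage table that maps a
    // column to its transformation plugin. The second row is what an attacker who
    // can write to that table would insert.
    const COLUMN_INFO_ROWS = [
        ['column' => 'active', 'transformation' => 'Text_Plain_Bool2Text'],
        ['column' => 'notes',  'transformation' => '../../../../../etc/passwd'],
    ];

    // Assumed plugin directory; only used to show the path the vulnerable code builds.
    const PLUGIN_DIR = __DIR__ . '/libraries/classes/Plugins/Transformations/';

    /**
     * Vulnerable pattern (deliberately never invoked below): the table-stored value
     * becomes part of a filesystem path handed to include_once. "../" sequences walk
     * out of PLUGIN_DIR, so the attacker's row makes PHP read /etc/passwd; a file with
     * no PHP tags is emitted verbatim into the response, which is the leak.
     */
    function loadPluginVulnerable(string $stored): void
    {
        include_once PLUGIN_DIR . $stored;   // user-controlled path reaches include_once
    }

    /**
     * Hardened pattern: the stored value is never turned into a path. It is checked
     * against a strict allow-list shape, mapped to a class name inside a fixed
     * namespace, and resolved with class_exists(), which goes through the autoloader
     * by name rather than through a path the attacker controls.
     */
    function loadPluginSafe(string $stored): ?object
    {
        // Accept only "Mime_Type_Name"; slashes, dots, backslashes and NUL bytes are rejected.
        if (preg_match('/^[A-Za-z0-9]+_[A-Za-z0-9]+_[A-Za-z0-9]+$/', $stored) !== 1) {
            return null;
        }
        $class = 'Demo\\Transformations\\' . $stored;
        if (!class_exists($class)) {
            return null;                     // unknown plugin: nothing is included
        }
        return new $class();
    }

    foreach (COLUMN_INFO_ROWS as $row) {
        $plugin = loadPluginSafe($row['transformation']);
        printf("%-7s %-28s -> %s\n", $row['column'], $row['transformation'],
            $plugin === null ? 'rejected' : get_class($plugin));
    }
}
```

Run with `php loader.php`: the first row resolves to the stub class, and the traversal string is rejected by the allow-list before class_exists is ever consulted. The regex is what keeps the class_exists step safe, since a PSR-4 autoloader also turns a class name into a file path; a value containing backslashes or dots must never reach it.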


WAF Protection Rules

WAF Rule

An attacker can exploit phpMyAdmin before 4.8.4 to leak the contents of a local file because of an error in the transformation feature. The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created
