phpMyAdmin Detected

Severity: Information

Summary#

Invicti identified that phpMyAdmin is publicly accessible on the target server. phpMyAdmin is an application written in the PHP language that provides a web-based interface for the administration of MySQL databases.

Impact#

An attacker can access, modify or delete all MySQL databases.

Remediation#

Configure your web server to prevent public access to the phpMyAdmin directory by implementing access control mechanisms.

Classifications#

CWE-205, ISO27001-A.14.2.5, WASC-13, OWASP 2017-A6

Invicti Security Insights

Sven Morgenroth Talks About PHP Object Injection Vulnerabilities on Paul’s Security Weekly Podcast
End of Support for PHP 5 and PHP 7.0
The Powerful Resource of PHP Stream Wrappers
Sven Morgenroth Talks About PHP Type Juggling on Paul’s Security Weekly Podcast
Detailed Explanation of PHP Type Juggling Vulnerabilities

Select Category

Critical
High
Medium
Low
Best Practice
Information

Search Vulnerability

phpMyAdmin Detected

Related Articles

Build your resistance to threats. And save hundreds of hours each month.