CVE-2009-1285
EPSS 36.1%
Description
Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files.
How to fix CVE-2009-1285
To remediate CVE-2009-1285, upgrade the affected package to a fixed version below.
- Debian/phpmyadmin—upgrade to 4:3.1.3.2-1 or later
Is CVE-2009-1285 being exploited?
Moderate — EPSS is 36.1%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 4:3.1.3.2-1