|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-05-07 | |
| Rule Name: | PHPMyAdmin GetShellBylog Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | PHPMyAdmin is one of the most widely used MySQL graphical management tools. It is a B/S-based MySQL client software developed with PHP. By using an account with readable and writable permissions, the attacker changes the existing address of the log to an address that can be accessed by the front end, then changes the log file suffix to a common shell file suffix, and writes malicious shell code, finally, getshell is complete. | |
| Impact: | An attacker could exploit this vulnerability to have unspecified effect. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |