CVE-2011-2505
EXPLOITEDphpMyAdmin 3.x < 3.3.10.2 and 3.4.x < 3.4.3.1 - Remote Variable Manipulation via Swekey Authentication Query String
Title source: llmExploitation Summary
CVE-2011-2505 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 3 public exploits from researchers including Mango, Y5neKO.
AI-analyzed exploit summary This exploit targets a remote code injection vulnerability in phpMyAdmin versions < 3.3.10.2 and < 3.4.3.1. It leverages session poisoning and file saving to inject arbitrary PHP code into the configuration file, achieving remote code execution.
Description
libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns values to arbitrary parameters referenced in the query string, which allows remote attackers to modify the SESSION superglobal array via a crafted request, related to a "remote variable manipulation vulnerability."
Exploits (3)
This exploit targets a remote code injection vulnerability in phpMyAdmin versions < 3.3.10.2 and < 3.4.3.1. It leverages session poisoning and file saving to inject arbitrary PHP code into the configuration file, achieving remote code execution.
This is a functional exploit for CVE-2011-2505, targeting phpMyAdmin 3.x. It leverages session manipulation and directory traversal to achieve remote code execution by injecting a malicious PHP payload into the configuration file.
This exploit targets a PHP session variable manipulation vulnerability in phpMyAdmin versions below 3.3.10.2 and 3.4.3.1, allowing remote code execution by injecting malicious payloads into session variables and leveraging the setup script to write a webshell.