CVE-2011-4107

MEDIUM

phpMyAdmin <3.4.7.1 & <3.3.10.5 - XXE Injection


Description

The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack.

Exploits (2)

nomisec · working PoC · 4 stars
by SECFORCE · poc
https://github.com/SECFORCE/CVE-2011-4107

exploitdb · working PoC
by Marco Batista · ruby · webapps · php
https://www.exploit-db.com/exploits/18371

Scores

CVSS v3 6.5
EPSS 0.1243
EPSS Percentile 93.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE
CWE-611
Status draft

Affected Products (6)

phpmyadmin/phpmyadmin < 3.3.10.5
fedoraproject/fedora
fedoraproject/fedora
fedoraproject/fedora
debian/debian_linux
phpmyadmin/phpmyadmin < 3.4.7.1 (Packagist)

Timeline

Published Nov 17, 2011
Tracked Since Feb 18, 2026