CVE-2011-4107

MEDIUM

phpMyAdmin <3.4.7.1 & <3.3.10.5 - XXE Injection


Description

The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack.

Exploits (2)

exploitdb - WORKING POC
by Marco Batista · rubywebappsphp
https://www.exploit-db.com/exploits/18371

nomisec - WORKING POC, 4 stars
by SECFORCE · poc
https://github.com/SECFORCE/CVE-2011-4107

Scores

CVSS v3 6.5
EPSS 0.1243
EPSS Percentile 93.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-611
Status published
Products (6)
debian/debian_linux 5.0
fedoraproject/fedora 14
fedoraproject/fedora 15
fedoraproject/fedora 16
phpmyadmin/phpmyadmin 3.3.0.0 - 3.3.10.5
phpmyadmin/phpmyadmin 3.4.0 - 3.4.7.1 (Packagist)
Published Nov 17, 2011
Tracked Since Feb 18, 2026