CRITICAL🇵🇱 Wersja polska

CVE-2020-22452

CVSS 9.8v3.1pub. 2023-01-26upd. 2026-07-05

SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5.2.0 via the tbl_storage_engine or tbl_collation parameters to tbl_create.php.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Phpmyadmin

    APP
    Phpmyadmin
    5.0.0 – 5.2.0 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
SQLi
CWE
References

Related vulnerabilities

CVE-2009-1151CRITICAL9.8⚠ KEVten sam produkt

Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 a...

CVE-2020-26935CRITICAL9.8ten sam produkt

An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. A SQL injection v...

CVE-2019-19617CRITICAL9.8ten sam produkt

phpMyAdmin before 4.9.2 does not escape certain Git information, related to libraries/classes/Display/GitRevis...

CVE-2019-18622CRITICAL9.8ten sam produkt

An issue was discovered in phpMyAdmin before 4.9.2. A crafted database/table name can be used to trigger a SQL...

CVE-2019-11768CRITICAL9.8ten sam produkt

An issue was discovered in phpMyAdmin before 4.9.0.1. A vulnerability was reported where a specially crafted d...