CVE-2018-12613 Scanner
CVE-2018-12613 scanner - Remote File Inclusion (RFI) vulnerability in phpMyAdmin
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
15 seconds
Time Interval
4 weeks
Scan only one
URL
Toolbox
-
PhpMyAdmin is a web-based database management tool. It is an open-source program written in PHP language that allows users to manage and manipulate databases. The purpose of PhpMyAdmin is to provide an easy-to-use interface for users to manage their databases without the need for specialized knowledge in databases.
CVE-2018-12613 is a vulnerability that was discovered in the PhpMyAdmin 4.8.x version, which allowed an attacker to include files on the server. The vulnerability resulted from an incomplete test for whitelisted pages, making it possible for an attacker to execute arbitrary code while being authenticated. The vulnerability becomes more severe in the "$cfg['AllowArbitraryServer'] = true" and "$cfg['ServerDefault'] = 0" scenarios, allowing an attacker to bypass the login requirement and execute code without authentication.
Exploitation of CVE-2018-12613 can lead to serious consequences, such as data loss, unauthorized access, and disclosure of sensitive information. An attacker can exploit this vulnerability to execute arbitrary code, modify or delete data, and potentially take over the whole server. Therefore, it is essential to take the necessary precautions to protect digital assets from these types of threats.
Thanks to the pro features of the s4e.io platform, those who read this article can quickly and easily learn about vulnerabilities in their digital assets. The platform provides real-time threat intelligence, vulnerability scanning, and incident management solutions. With s4e.io's advanced security features, users can stay ahead of the latest vulnerabilities and protect their digital assets from attacks. Don't wait until it's too late; take action today to safeguard your online business and personal information with s4e.io.
REFERENCES
