Security for everyone

CVE-2018-12613 Scanner

Detects 'Remote File Inclusion (RFI)' vulnerability in phpMyAdmin affects v. 4.8.x before 4.8.2.

SCAN NOW

Short Info


Level

High

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

15 sec

Scan only one

Url

Parent Category

CVE-2018-12613 Scanner Detail

PhpMyAdmin is a web-based database management tool. It is an open-source program written in PHP language that allows users to manage and manipulate databases. The purpose of PhpMyAdmin is to provide an easy-to-use interface for users to manage their databases without the need for specialized knowledge in databases.

CVE-2018-12613 is a vulnerability that was discovered in the PhpMyAdmin 4.8.x version, which allowed an attacker to include files on the server. The vulnerability resulted from an incomplete test for whitelisted pages, making it possible for an attacker to execute arbitrary code while being authenticated. The vulnerability becomes more severe in the "$cfg['AllowArbitraryServer'] = true" and "$cfg['ServerDefault'] = 0" scenarios, allowing an attacker to bypass the login requirement and execute code without authentication.

Exploitation of CVE-2018-12613 can lead to serious consequences, such as data loss, unauthorized access, and disclosure of sensitive information. An attacker can exploit this vulnerability to execute arbitrary code, modify or delete data, and potentially take over the whole server. Therefore, it is essential to take the necessary precautions to protect digital assets from these types of threats.

Thanks to the pro features of the securityforeveryone.com platform, those who read this article can quickly and easily learn about vulnerabilities in their digital assets. The platform provides real-time threat intelligence, vulnerability scanning, and incident management solutions. With securityforeveryone.com's advanced security features, users can stay ahead of the latest vulnerabilities and protect their digital assets from attacks. Don't wait until it's too late; take action today to safeguard your online business and personal information with securityforeveryone.com.

 

REFERENCES

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture