Vulnerability details: VCID-rsrn-hcvf-8qhp
Vulnerability ID VCID-rsrn-hcvf-8qhp
Aliases CVE-2011-2506
GHSA-p6h7-29r2-g88f
Summary phpMyAdmin vulnerable to static code injection. `setup/lib/ConfigGenerator.class.php` in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 does not properly restrict the presence of comment closing delimiters, which allows remote attackers to conduct static code injection attacks by leveraging the ability to modify the SESSION superglobal array.
Status Published
Exploitability 2.0
Weighted Severity 8.0
Risk 10.0
Weaknesses (3)
System Score Found at
generic_textual HIGH http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html
generic_textual HIGH http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html
generic_textual HIGH http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f
epss 0.21882 https://api.first.org/data/v1/epss?cve=CVE-2011-2506
generic_textual HIGH http://securityreason.com/securityalert/8306
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-p6h7-29r2-g88f
generic_textual HIGH https://github.com/phpmyadmin/composer
generic_textual HIGH https://github.com/phpmyadmin/phpmyadmin/commit/0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f
generic_textual HIGH https://github.com/phpmyadmin/phpmyadmin/commit/2e01647949df937040e73a94ce0bac0daecbdcf4
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2011-2506
generic_textual HIGH https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt
generic_textual HIGH https://web.archive.org/web/20111116172111/http://www.securityfocus.com/archive/1/518804/100/0/threaded
generic_textual HIGH https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124
generic_textual HIGH http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008
generic_textual HIGH http://www.debian.org/security/2011/dsa-2286
generic_textual HIGH http://www.exploit-db.com/exploits/17514
generic_textual HIGH http://www.openwall.com/lists/oss-security/2011/06/28/2
generic_textual HIGH http://www.openwall.com/lists/oss-security/2011/06/28/6
generic_textual HIGH http://www.openwall.com/lists/oss-security/2011/06/28/8
generic_textual HIGH http://www.openwall.com/lists/oss-security/2011/06/29/11
generic_textual HIGH http://www.phpmyadmin.net/home_page/security/PMASA-2011-6.php
Reference id Reference type URL
http://ha.xxor.se/2011/07/phpmyadmin-3x-multiple-remote-code.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062719.html
http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin;a=commit;h=0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f
https://api.first.org/data/v1/epss?cve=CVE-2011-2506
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2506
http://securityreason.com/securityalert/8306
https://github.com/phpmyadmin/composer
https://github.com/phpmyadmin/phpmyadmin/commit/0fbedaf5fd7a771d0885c6b7385d934fc90d0d7f
https://github.com/phpmyadmin/phpmyadmin/commit/2e01647949df937040e73a94ce0bac0daecbdcf4
https://nvd.nist.gov/vuln/detail/CVE-2011-2506
https://web.archive.org/web/20110712103138/http://www.xxor.se/advisories/phpMyAdmin_3.x_Multiple_Remote_Code_Executions.txt
https://web.archive.org/web/20111116172111/http://www.securityfocus.com/archive/1/518804/100/0/threaded
https://web.archive.org/web/20121105034518/http://www.mandriva.com/en/support/security/advisories?name=MDVSA-2011:124
http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008
http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-008/
http://www.debian.org/security/2011/dsa-2286
http://www.exploit-db.com/exploits/17514
http://www.exploit-db.com/exploits/17514/
http://www.openwall.com/lists/oss-security/2011/06/28/2
http://www.openwall.com/lists/oss-security/2011/06/28/6
http://www.openwall.com/lists/oss-security/2011/06/28/8
http://www.openwall.com/lists/oss-security/2011/06/29/11
http://www.phpmyadmin.net/home_page/security/PMASA-2011-6.php
GHSA-p6h7-29r2-g88f https://github.com/advisories/GHSA-p6h7-29r2-g88f
Data source Exploit-DB
Date added July 8, 2011
Description phpMyAdmin3 (pma3) - Remote Code Execution
Ransomware campaign use Known
Source publication date July 8, 2011
Exploit type webapps
Platform php
Source update date July 24, 2011
Exploit Prediction Scoring System (EPSS)
Percentile 0.95518
EPSS Score 0.21882
Published At Aug. 12, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T09:08:41.183129+00:00 GithubOSV Importer Import https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-p6h7-29r2-g88f/GHSA-p6h7-29r2-g88f.json 37.0.0