CVE-2020-10803 : In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerabili

In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results (in tbl_get_field.php and libraries/classes/Display/Results.php). The attacker must be able to insert crafted data into certain database tables, which when retrieved (for instance, through the Browse tab) can trigger the XSS attack.

Published 2020-03-22 05:15:12

Updated 2022-11-16 04:00:03

Source MITRE

View at NVD, CVE.org

Vulnerability category: Sql InjectionCross site scripting (XSS)

Products affected by CVE-2020-10803

Debian » Debian Linux » Version: 8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Matching versions
Suse » Package Hub » Version: N/A
cpe:2.3:a:suse:package_hub:-:*:*:*:*:*:*:*
Matching versions
When used together with: Suse » Linux Enterprise » Version: 12.0
Phpmyadmin » Phpmyadmin
Versions from including (>=) 4.0.0 and before (<) 4.9.5
cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
Matching versions
Phpmyadmin » Phpmyadmin
Versions from including (>=) 5.0.0 and before (<) 5.0.2
cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 31
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 32
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 30
cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
Matching versions
Opensuse » Leap » Version: 15.1
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
Matching versions
Opensuse » Backports Sle » Version: 15.0
cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*
Matching versions
Opensuse » Backports Sle » Version: 15.0 Update SP1
cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2020-10803

Top countries where our scanners detected CVE-2020-10803

Top open port discovered on systems with this issue 80

IPs affected by CVE-2020-10803 49

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2020-10803!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2020-10803

EPSS FAQ

3.29%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 86 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2020-10803

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
3.5	LOW	AV:N/AC:M/Au:S/C:N/I:P/A:N	6.8	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: Single Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None
5.4	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N	2.3	2.7	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: Required Scope: Changed Confidentiality: Low Integrity: Low Availability: None

CWE ids for CVE-2020-10803

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Assigned by: nvd@nist.gov (Primary)
CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2020-10803

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UZI6EQVRRIG252DY3MBT33BJVCSYDMQO/

[SECURITY] Fedora 31 Update: phpMyAdmin-5.0.2-1.fc31 - package-announce - Fedora Mailing-Lists
Mailing List;Third Party Advisory

CVEs referencing this url
https://lists.debian.org/debian-lts-announce/2020/03/msg00028.html

[SECURITY] [DLA 2154-1] phpmyadmin security update
Mailing List;Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00046.html

[security-announce] openSUSE-SU-2020:0405-1: moderate: Security update f
Broken Link;Mailing List;Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00050.html

[security-announce] openSUSE-SU-2020:0427-1: moderate: Security update f
Broken Link;Mailing List;Third Party Advisory

CVEs referencing this url
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BUG3IRITW2LUBGR5LSQMP7MVRTELHZJK/

[SECURITY] Fedora 32 Update: phpMyAdmin-5.0.2-2.fc32 - package-announce - Fedora Mailing-Lists
Mailing List;Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00005.html

[security-announce] openSUSE-SU-2020:1806-1: important: Security update
Broken Link;Mailing List;Third Party Advisory

CVEs referencing this url
https://www.phpmyadmin.net/security/PMASA-2020-4/

phpMyAdmin - Security - PMASA-2020-4
Patch;Vendor Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AAVW3SUKWR5RF5LZ6SARCYOWBIFUIWOJ/

[SECURITY] Fedora 30 Update: phpMyAdmin-4.9.5-1.fc30 - package-announce - Fedora Mailing-Lists
Mailing List;Third Party Advisory

CVEs referencing this url