What is CVE-2012-5159?

CVE-2012-5159 is a vulnerability in Phpmyadmin, classified under Code Injection. Published 2012-09-25.

Is CVE-2012-5159 known to be exploited?

5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

RCE in Phpmyadmin

CVE-2012-5159

phpMyAdmin 3.5.2.2, as distributed by the cdnetworks-kr-1 mirror during an unspecified time frame in 2012, contains an externally introduced modification (Trojan Horse) in server_sync.php, which allows remote attackers to execute arbitrary…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.879 (99.5th percentile) — read the EPSS interpretation.

Affected products

Phpmyadmin — versions 3.5.2.2
N/a — versions n/a

Weakness classification (CWE)

CWE-94 — Code Injection

Public proof-of-concept exploits

References

55672 (vdb-entry, x_refsource_BID)
[oss-security] 20120925 Re: CVE Request - phpMyAdmin: PMASA-2012-5 incident (mailing-list, x_refsource_MLIST)
cve@mitre.org (x_refsource_MISC)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2012-5159?: CVE-2012-5159 is a vulnerability in Phpmyadmin, classified under Code Injection. Published 2012-09-25.
Is CVE-2012-5159 known to be exploited?: 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.