What is CVE-2019-6799?

CVE-2019-6799 is a vulnerability in N/a. Published 2019-01-26.

Is CVE-2019-6799 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2019-6799

An issue was discovered in phpMyAdmin before 4.8.5. When the AllowArbitraryServer configuration setting is set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access…

EPSS: 0.770 (99.0th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cvemon
Awrrays/FrameVul
cc8700619/poc

References

www.phpmyadmin.net/security/PMASA-2019-1/ (x_refsource_CONFIRM)
[debian-lts-announce] 20190227 [SECURITY] [DLA 1692-1] phpmyadmin security update (mailing-list, x_refsource_MLIST)
106736 (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2019-6799?: CVE-2019-6799 is a vulnerability in N/a. Published 2019-01-26.
Is CVE-2019-6799 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.