7.5 CVE-2012-5469

Used by Malware Exploit

The Portable phpMyAdmin plugin before 1.3.1 for WordPress allows remote attackers to bypass authentication and obtain phpMyAdmin console access via a direct request to wp-content/plugins/portable-phpmyadmin/wp-pma-mod.
https://nvd.nist.gov/vuln/detail/CVE-2012-5469

References

cve@mitre.org Exploit

http://archives.neohapsis.com/archives/bugtraq/2012-12/0092.html Exploit
http://wordpress.org/extend/plugins/portable-phpmyadmin/changelog/

CPE

cpe	start	end
Configuration 1
AND
cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.0:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.1:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.2:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.3:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.4:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.5:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.6:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.6:a::::::
cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.7:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.8:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.1:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.1:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.2:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.3:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.4:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.5:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.6:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.7:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.8:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.9:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.9.1:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.9.2:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.9.3:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.9.4:b::::::
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.9.4:c::::::
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.9.5:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.3:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.3:alpha::::::
Running on/with
cpe:2.3:a:wordpress:wordpress:-:::::::*

REMEDIATION

EXPLOITS

Exploit-db.com

id	description	date
23356	WordPress Plugin Portable phpMyAdmin - Authentication Bypass	2012-12-13

POC Github

Url
No known exploits

Other Nist (github, ...)

Url
http://archives.neohapsis.com/archives/bugtraq/2012-12/0092.html

CAPEC

Common Attack Pattern Enumerations and Classifications

id	description	severity
No entry

Cybersecurity needs ?

Strengthen software security from the outset with our DevSecOps expertise

Integrate security right from the start of the software development cycle for more robust applications and greater customer confidence.
Our team of DevSecOps experts can help you secure your APIs, data pipelines, CI/CD chains, Docker containers and Kubernetes deployments.

Discover this offer

cpe	start	end
Configuration 1
AND
cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.0:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.1:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.2:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.3:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.4:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.5:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.6:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.6:a::::::
cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.7:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.0.8:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.1:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.1:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.2:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.3:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.4:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.5:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.6:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.7:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.8:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.9:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.9.1:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.9.2:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.9.3:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.9.4:b::::::
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.9.4:c::::::
cpe:2.3:a:phpmyadmin:phpmyadmin:1.2.9.5:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.3:::::::*
cpe:2.3:a:phpmyadmin:phpmyadmin:1.3:alpha::::::
Running on/with
cpe:2.3:a:wordpress:wordpress:-:::::::*