What is the severity of CVE-2013-4729?

CVE-2013-4729 has a medium severity level due to its potential for unauthorized configuration changes.

How do I fix CVE-2013-4729?

To fix CVE-2013-4729, upgrade phpMyAdmin to version 4.0.4.1 or later.

Who is affected by CVE-2013-4729?

Users of phpMyAdmin versions 4.0.0 through 4.0.4 are affected by CVE-2013-4729.

What is the impact of CVE-2013-4729 on phpMyAdmin?

CVE-2013-4729 allows remote authenticated users to manipulate the GLOBALS superglobal array and change configurations.

Is CVE-2013-4729 exploitable remotely?

Yes, CVE-2013-4729 can be exploited remotely by authenticated users.

Vulnerability/
CVE-2013-4729

medium

5.5

CWE

621 264

4/7/2013

17/5/2022

16/9/2024

CVE-2013-4729

First published: Thu Jul 04 2013(Updated: )

import.php in phpMyAdmin 4.x before 4.0.4.1 does not properly restrict the ability of input data to specify a file format, which allows remote authenticated users to modify the GLOBALS superglobal array, and consequently change the configuration, via a crafted request.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
composer/phpmyadmin/phpmyadmin	>=4.0<4.0.4.1	4.0.4.1
PhpMyAdmin	=4.0.0
PhpMyAdmin	=4.0.0-rc2
PhpMyAdmin	=4.0.0-rc3
PhpMyAdmin	=4.0.1
PhpMyAdmin	=4.0.2
PhpMyAdmin	=4.0.3
PhpMyAdmin	=4.0.4

Remedy

https://github.com/phpmyadmin/phpmyadmin/commit/012464268420e53a9cd81cbb4a43988d70393c36

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-4729?
CVE-2013-4729 has a medium severity level due to its potential for unauthorized configuration changes.
How do I fix CVE-2013-4729?
To fix CVE-2013-4729, upgrade phpMyAdmin to version 4.0.4.1 or later.
Who is affected by CVE-2013-4729?
Users of phpMyAdmin versions 4.0.0 through 4.0.4 are affected by CVE-2013-4729.
What is the impact of CVE-2013-4729 on phpMyAdmin?
CVE-2013-4729 allows remote authenticated users to manipulate the GLOBALS superglobal array and change configurations.
Is CVE-2013-4729 exploitable remotely?
Yes, CVE-2013-4729 can be exploited remotely by authenticated users.

collector/github-advisory-latest
alias/GHSA-x962-w72p-mv7q
alias/CVE-2013-4729
collector/github-advisory
agent/author
agent/type
agent/references
agent/softwarecombine
agent/remedy
agent/severity
agent/weakness
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/trending
agent/source
agent/tags
collector/nvd-cve
agent/software-canonical-lookup-request
collector/nvd-index
package-manager/composer
vendor/phpmyadmin
canonical/phpmyadmin
version/phpmyadmin/4.0.0
version/phpmyadmin/4.0.0-rc2
version/phpmyadmin/4.0.0-rc3
version/phpmyadmin/4.0.1
version/phpmyadmin/4.0.2
version/phpmyadmin/4.0.3
version/phpmyadmin/4.0.4

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.