CVE-2013-5029

Severity Score

4.3

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

phpMyAdmin 3.5.x and 4.0.x before 4.0.5 allows remote attackers to bypass the clickjacking protection mechanism via certain vectors related to Header.class.php.

phpMyAdmin 3.5.x y 4.0.x anterior a 4.0.5, permite a atacantes remotos evitar la protección frente al clickjacking a través de determinados vectores relacionados con Header.class.php.

*Credits: N/A

CVSS Scores

NISTv2 4.3

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2013-07-31 CVE Reserved
2013-08-19 CVE Published
2024-09-16 CVE Updated
2024-09-16 First Exploit
2024-09-17 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-20: Improper Input Validation

CAPEC

References (7)

URL	Tag	Source

URL	Date	SRC
https://github.com/phpmyadmin/phpmyadmin/commit/240b8332db53dedc27baeec5306dabad3bdece3b	2024-09-16
https://github.com/phpmyadmin/phpmyadmin/commit/24d0eb55203b029f250c77d63f2900ffbe099e8b	2024-09-16
https://github.com/phpmyadmin/phpmyadmin/commit/da4042fb6c4365dc8187765c3bf525043687c66f	2024-09-16

URL	Date	SRC
https://github.com/phpmyadmin/phpmyadmin/commit/66fe475d4f51b1761719cb0cab360748800373f7	2018-10-30

URL	Date	SRC
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00013.html	2018-10-30
http://secunia.com/advisories/54488	2018-10-30
http://www.phpmyadmin.net/home_page/security/PMASA-2013-10.php	2018-10-30

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Opensuse Search vendor "Opensuse"		Opensuse Search vendor "Opensuse" for product "Opensuse"				12.2 Search vendor "Opensuse" for product "Opensuse" and version "12.2"		-		Affected
Opensuse Search vendor "Opensuse"		Opensuse Search vendor "Opensuse" for product "Opensuse"				12.3 Search vendor "Opensuse" for product "Opensuse" and version "12.3"		-		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				3.5.0.0 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "3.5.0.0"		-		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				3.5.1.0 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "3.5.1.0"		-		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				3.5.2.0 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "3.5.2.0"		-		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				3.5.2.1 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "3.5.2.1"		-		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				3.5.2.2 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "3.5.2.2"		-		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				3.5.3.0 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "3.5.3.0"		-		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				3.5.4 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "3.5.4"		-		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				3.5.5 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "3.5.5"		-		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				3.5.6 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "3.5.6"		-		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				3.5.7 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "3.5.7"		-		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				3.5.7 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "3.5.7"		rc1		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				3.5.8 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "3.5.8"		-		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				3.5.8 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "3.5.8"		rc1		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				3.5.8.1 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "3.5.8.1"		-		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				3.5.8.2 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "3.5.8.2"		-		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				4.0.0 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "4.0.0"		-		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				4.0.0 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "4.0.0"		rc2		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				4.0.0 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "4.0.0"		rc3		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				4.0.1 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "4.0.1"		-		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				4.0.2 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "4.0.2"		-		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				4.0.3 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "4.0.3"		-		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				4.0.4 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "4.0.4"		-		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				4.0.4.1 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "4.0.4.1"		-		Affected
Phpmyadmin Search vendor "Phpmyadmin"		Phpmyadmin Search vendor "Phpmyadmin" for product "Phpmyadmin"				4.0.4.2 Search vendor "Phpmyadmin" for product "Phpmyadmin" and version "4.0.4.2"		-		Affected