Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2018-12613

Description

An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. An attacker must be authenticated, except in the "$cfg['AllowArbitraryServer'] = true" case (where an attacker can specify any host he/she is already in control of, and execute arbitrary code on phpMyAdmin) and the "$cfg['ServerDefault'] = 0" case (which bypasses the login requirement and runs the vulnerable code without any authentication).

POC

Reference

- http://packetstormsecurity.com/files/164623/phpMyAdmin-4.8.1-Remote-Code-Execution.html

- https://www.exploit-db.com/exploits/44924/

- https://www.exploit-db.com/exploits/44928/

- https://www.exploit-db.com/exploits/45020/

Github

- https://github.com/0ps/pocassistdb

- https://github.com/0x00-0x00/CVE-2018-10517

- https://github.com/0x00-0x00/CVE-2018-12613

- https://github.com/0x00-0x00/CVE-2018-7422

- https://github.com/0xT11/CVE-POC

- https://github.com/20142995/nuclei-templates

- https://github.com/20142995/sectool

- https://github.com/4ra1n/poc-runner

- https://github.com/991688344/2020-shixun

- https://github.com/ARPSyndicate/cvemon

- https://github.com/ARPSyndicate/kenzer-templates

- https://github.com/AlienTec1908/DarkMatter_HackMyVM_Hard

- https://github.com/Awrrays/FrameVul

- https://github.com/BigMike-Champ/Capstone

- https://github.com/CLincat/vulcat

- https://github.com/Elsfa7-110/kenzer-templates

- https://github.com/LeCielBleu/SecurityDocs

- https://github.com/Matsumoto138/Injaction-Attacks

- https://github.com/NS-Sp4ce/2019-Ciscn-Southern-China-Web

- https://github.com/SexyBeast233/SecBooks

- https://github.com/YagamiiLight/Cerberus

- https://github.com/ZTK-009/collection-document

- https://github.com/anquanscan/sec-tools

- https://github.com/cc8700619/poc

- https://github.com/cyberwithcyril/VulhubPenTestingReport

- https://github.com/duckstroms/Web-CTF-Cheatsheet

- https://github.com/eastmountyxz/CSDNBlog-Security-Based

- https://github.com/eastmountyxz/CVE-2018-12613-phpMyAdmin

- https://github.com/eastmountyxz/NetworkSecuritySelf-study

- https://github.com/filippo-zullo98/phpMyAdmin-RCE-Exploit-Lab

- https://github.com/fix-you/unc1e_web_note

- https://github.com/g1san/Agents-for-Vulnerable-Dockers-and-related-Benchmarks

- https://github.com/githuberxu/Safety-Books

- https://github.com/heane404/CVE_scan

- https://github.com/ivanitlearning/CVE-2018-12613

- https://github.com/johnkiguru1337/N-Days

- https://github.com/jweny/pocassistdb

- https://github.com/kaungsithu19/Black-Box-Pen-testing-DVWA

- https://github.com/kyawthiha7/pentest-methodology

- https://github.com/luckyfuture0177/VULOnceMore

- https://github.com/merlinepedra/CERBERUS-SHELL

- https://github.com/merlinepedra25/CERBERUS-SHELL

- https://github.com/mrhenrike/Hacking-Cheatsheet

- https://github.com/password520/collection-document

- https://github.com/pwnosec/CTF-Cheatsheet

- https://github.com/richnadeau/Capstone

- https://github.com/shanyuhe/YesPoc

- https://github.com/shengshengli/NetworkSecuritySelf-study

- https://github.com/tdcoming/Vulnerability-engine

- https://github.com/uytildojey-858579/portfolio-ftp

- https://github.com/w181496/Web-CTF-Cheatsheet

- https://github.com/zhibx/fscan-Intranet

- https://github.com/zoroqi/my-awesome

- https://github.com/zzyss-marker/NetworkSecuritySelf-study