An issue was discovered in phpMyAdmin before 4.9.0.1. A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature.
{ "ubuntu_priority": "medium", "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_name": "phpmyadmin", "binary_version": "4:4.5.4.1-2ubuntu2.1+esm3" } ] }
{ "ubuntu_priority": "medium", "availability": "No subscription required", "binaries": [ { "binary_name": "phpmyadmin", "binary_version": "4:4.6.6-5ubuntu0.5" } ] }
{ "ubuntu_priority": "medium", "availability": "No subscription required", "binaries": [ { "binary_name": "phpmyadmin", "binary_version": "4:4.9.5+dfsg1-2" } ] }
{ "ubuntu_priority": "medium" }