Backdoor In phpMyAdmin Allows Hackers To Execute PHP Code

September 25, 2012 By Ali Loney

1 minute read time

Softpedia – (International) Backdoor in phpMyAdmin allows hackers to execute PHP code. phpMyAdmin warned customers that a kit hosted on the SourceForge.net mirror system was found to contain a backdoor that allows remote attackers to execute arbitrary PHP code. The developers were notified by the Tencent Security Response Center that the distribution contains a malicious file. The affected mirror is called cdnetworks-kr-1, the backdoor being located in the server_sync.php file. Apparently, this was not the only corrupt file. The phpMyAdmin development team claims a second file — js/cross_framing_protection.js — was also modified. The vulnerability was cataloged as critical.

Source: http://news.softpedia.com/news/Backdoor-in-phpMyAdmin-Allows-Hackers-to-Execute-PHP-Code-294706.shtml

Tags: News, security, AppSec Spotlight

Written by Ali Loney

Ali Loney is a Senior UX Designer at Walmart Labs. She is based in Canada and was the former Graphic Designer at Sonatype.