CVE-2009-3697

N/A Unknown
Published: October 16, 2009 Modified: April 23, 2026
View on NVD

Description

SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified interface parameters.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://bugs.gentoo.org/show_bug.cgi?id=288899
Source: cve@mitre.org
http://dfn.dl.sourceforge.net/project/phpmyadmin/phpMyAdmin/2.11.9.6/phpMyAdmin-2.11.9.6-notes.html
Source: cve@mitre.org
http://dfn.dl.sourceforge.net/project/phpmyadmin/phpMyAdmin/3.2.2.1/phpMyAdmin-3.2.2.1-notes.html
Source: cve@mitre.org
http://freshmeat.net/projects/phpmyadmin/releases/306667
Source: cve@mitre.org
http://freshmeat.net/projects/phpmyadmin/releases/306669
Source: cve@mitre.org
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
Source: cve@mitre.org
http://marc.info/?l=oss-security&m=125553728512853&w=2
Source: cve@mitre.org
http://marc.info/?l=oss-security&m=125561979001460&w=2
Source: cve@mitre.org
http://secunia.com/advisories/37016
Source: cve@mitre.org
Vendor Advisory
http://typo3.org/extensions/repository/view/phpmyadmin/4.5.0/
Source: cve@mitre.org
http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-015/
Source: cve@mitre.org
http://www.mandriva.com/security/advisories?name=MDVSA-2009:274
Source: cve@mitre.org
http://www.phpmyadmin.net/home_page/security/PMASA-2009-6.php
Source: cve@mitre.org
Vendor Advisory
http://www.securityfocus.com/bid/36658
Source: cve@mitre.org
http://www.vupen.com/english/advisories/2009/2899
Source: cve@mitre.org
Patch Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=528769
Source: cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/53741
Source: cve@mitre.org
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00467.html
Source: cve@mitre.org
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00490.html
Source: cve@mitre.org
http://bugs.gentoo.org/show_bug.cgi?id=288899
Source: af854a3a-2127-422b-91ae-364da2661108
http://dfn.dl.sourceforge.net/project/phpmyadmin/phpMyAdmin/2.11.9.6/phpMyAdmin-2.11.9.6-notes.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://dfn.dl.sourceforge.net/project/phpmyadmin/phpMyAdmin/3.2.2.1/phpMyAdmin-3.2.2.1-notes.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://freshmeat.net/projects/phpmyadmin/releases/306667
Source: af854a3a-2127-422b-91ae-364da2661108
http://freshmeat.net/projects/phpmyadmin/releases/306669
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://marc.info/?l=oss-security&m=125553728512853&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
http://marc.info/?l=oss-security&m=125561979001460&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/37016
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://typo3.org/extensions/repository/view/phpmyadmin/4.5.0/
Source: af854a3a-2127-422b-91ae-364da2661108
http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-015/
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.mandriva.com/security/advisories?name=MDVSA-2009:274
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.phpmyadmin.net/home_page/security/PMASA-2009-6.php
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/36658
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2009/2899
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=528769
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/53741
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00467.html
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00490.html
Source: af854a3a-2127-422b-91ae-364da2661108

38 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
2.6%
86th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-89

Affected Vendors

phpmyadmin

Related CVEs

CVE-2026-7073 7.3
CVE-2026-7072 7.3
CVE-2026-7071 5.3
CVE-2026-7070 7.3
CVE-2026-7069 8.0