GHSA-prcg-mc23-hgjh, CVE-2020-22452
packagist/phpmyadmin/phpmyadmin
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
SQL Injection vulnerability in function getTableCreationQuery in CreateAddField.php in phpMyAdmin 5.x before 5.2.0 via the tblstorageengine or tblcollation parameters to tblcreate.php.
All versions starting from 5.0.0 before 5.0.2
Upgrade to version 5.0.2 or above.
2023-02-03
source |