CVE-2020-26935: SQL Injection

October 10, 2020 (updated March 30, 2021)

An issue was discovered in SearchController in phpMyAdmin. An SQL injection vulnerability was discovered in how phpMyAdmin processes SQL statements in the search feature. An attacker could use this flaw to inject malicious SQL in to a query.

References

nvd.nist.gov/vuln/detail/CVE-2020-26935
www.phpmyadmin.net/security/PMASA-2020-6/

Code Behaviors & Features

Detect and mitigate CVE-2020-26935 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →