Phpmyadmin Hacktricks Patched

Beyond the Dashboard: How the phpMyAdmin "HackTricks" Methods Were Patched

sql_query=SELECT "<?php system('id'); ?>" INTO OUTFILE "/tmp/sess_attacker"

Add an extra layer of Basic Auth in front of phpMyAdmin's login page.

| Vulnerability | Affected Versions | Patch Version | Remediation |
|---------------|-------------------|---------------|-------------|
| CVE-2025-24529 (XSS - Insert tab) | 5.x < 5.2.2 | 5.2.2 | Upgrade to 5.2.2 or apply security backports |
| CVE-2025-24530 (XSS - Check Tables) | 5.x < 5.2.2 | 5.2.2 | Upgrade to 5.2.2 |
| CVE-2024-2961 (glibc/iconv buffer overflow) | All versions using vulnerable glibc | 5.2.2 + glibc update | Upgrade phpMyAdmin and system glibc |
| CVE-2018-12613 (LFI) | 4.8.0, 4.8.1 | 4.8.2 | Upgrade to version 4.8.2+ or migrate to 5.x |
| CVE-2009-1151 (setup.php RCE) | 2.11.x < 2.11.9.5, 3.x < 3.1.3.1 | 2.11.9.5, 3.1.3.1 | Upgrade immediately or remove setup.php |
| auth_type=config misconfiguration | All versions | N/A | Change auth_type to 'cookie' and set proper passwords |
| AllowNoPassword bypass | Versions < 2026 patches | Latest distribution update | Upgrade phpMyAdmin and PHP environment |

One of the most famous entries under the phpMyAdmin umbrella on HackTricks is CVE-2018-12613, the local file inclusion (LFI) flaw; the affected and patched versions are listed in the table above.

If an attacker gains administrative access or finds a SQL injection flaw, they can leverage database privileges to interact with the underlying operating system's file system:

Two-factor authentication bypass: a logic error in how phpMyAdmin handled 2FA status allowed a valid user to manipulate their account to bypass 2FA in future sessions. A related entry on the same list is the SQL injection in the User Accounts page (CVE-2020-5504).

LOAD_FILE(): used to read sensitive configuration files (e.g., /etc/passwd or config.inc.php).

phpMyAdmin introduced strict whitelisting for page parameters. In modern versions, the application strictly validates which files can be included, preventing the redirection to session files or temporary system paths.

2. Hardening the config.inc.php Exposure
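The following config.inc.php fragment is an added hardening example, not the project's shipped sample configuration. It applies the remediations from the table above (auth_type set to cookie, AllowNoPassword left disabled) and adds a source-network allow-list; the server index, the 10.0.0.0/8 management range and the placeholder secret are assumptions for illustration.

```php
<?php
// Added hardening example for phpMyAdmin's config.inc.php (not the project's
// own sample file). Server index, network range and secret are assumptions.
declare(strict_types=1);

$i = 0;

// Required for cookie auth: a 32-byte random secret that encrypts the stored
// credentials. Generate once (e.g. bin2hex(random_bytes(16))) and keep it out
// of version control. The value below is a placeholder, not a real secret.
$cfg['blowfish_secret'] = 'REPLACE-WITH-32-RANDOM-BYTES____';

$i++;
$cfg['Servers'][$i]['host'] = '127.0.0.1';

// Remediation from the table: never use auth_type=config, which embeds a
// password in this file and logs every visitor in without a prompt.
$cfg['Servers'][$i]['auth_type'] = 'cookie';

// Refuse logins for MySQL accounts with an empty password. The default is
// already false; set it explicitly so a packaged config cannot silently flip it.
$cfg['Servers'][$i]['AllowNoPassword'] = false;

// Keep the MySQL superuser off the web login form entirely.
$cfg['Servers'][$i]['AllowRoot'] = false;

// Allow-list: any user ('%') may log in only from the assumed management
// network; every other source is denied before credentials are checked.
$cfg['Servers'][$i]['AllowDeny']['order'] = 'deny,allow';
$cfg['Servers'][$i]['AllowDeny']['rules'] = ['allow % from 10.0.0.0/8'];

// Abort startup if this file is world-writable (default true; keep it).
$cfg['CheckConfigurationPermissions'] = true;
```

Restrict the file itself as well (owned by root, readable only by the web server user), since LOAD_FILE() against config.inc.php is only useful to an attacker when the database account can read the path; pairing this with Basic Auth in front of the login page, as mentioned above, keeps the unauthenticated surface to a single password prompt.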

While not a direct phpMyAdmin vulnerability, CVE-2024-2961 affected the underlying glibc/iconv library that phpMyAdmin uses for character set conversions. This buffer overflow could potentially lead to arbitrary code execution. phpMyAdmin is not vulnerable by default, but because the software uses the iconv library, the development team issued PMASA-2025-3 with full details and mitigation guidance. The vulnerability was addressed in phpMyAdmin 5.2.2 and is also patched in updated Linux distributions such as openSUSE and Fedora.