VYPR
Critical severity9.8CISA KEVNVD Advisory· Published Mar 26, 2009· Updated Jun 16, 2026

CVE-2009-1151

CVE-2009-1151

Description

Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*range: >=2.11.0,<2.11.9.5
    • (no CPE)range: >=2.11.0, <2.11.9.5 || >=3.0, <3.1.3.1
  • Debian/linux2 versions
    cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
    • cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*

Patches

Vulnerability mechanics

References

16

News mentions

0

No linked articles in our index yet.