CVE-2011-2719

N/A Unknown

Published: August 01, 2011 Modified: April 29, 2026

Description

libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain swekey.auth.lib.php local variables via a crafted query string, a related issue to CVE-2011-2505.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063410.html

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063418.html

Source: secalert@redhat.com

http://osvdb.org/74112

Source: secalert@redhat.com

http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=571cdc6ff4bf375871b594f4e06f8ad3159d1754

Source: secalert@redhat.com

http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=e7bb42c002885c2aca7aba4d431b8c63ae4de9b7

Source: secalert@redhat.com

http://seclists.org/fulldisclosure/2011/Jul/300

Source: secalert@redhat.com

http://secunia.com/advisories/45315

Source: secalert@redhat.com

http://secunia.com/advisories/45365

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/45515

Source: secalert@redhat.com

http://securityreason.com/securityalert/8322

Source: secalert@redhat.com

http://www.debian.org/security/2011/dsa-2286

Source: secalert@redhat.com

http://www.mandriva.com/security/advisories?name=MDVSA-2011:124

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2011/07/25/4

Source: secalert@redhat.com

Patch

http://www.openwall.com/lists/oss-security/2011/07/26/10

Source: secalert@redhat.com

Patch

http://www.phpmyadmin.net/home_page/security/PMASA-2011-12.php

Source: secalert@redhat.com

Patch Vendor Advisory

http://www.securityfocus.com/archive/1/518967/100/0/threaded

Source: secalert@redhat.com

http://www.securityfocus.com/archive/1/519155/100/0/threaded

Source: secalert@redhat.com

http://www.securityfocus.com/bid/48874

Source: secalert@redhat.com

http://www.xxor.se/advisories/phpMyAdmin_3.x_Conditional_Session_Manipulation.txt

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=725384

Source: secalert@redhat.com

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/68769

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063410.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.fedoraproject.org/pipermail/package-announce/2011-August/063418.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://osvdb.org/74112

Source: af854a3a-2127-422b-91ae-364da2661108

http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=571cdc6ff4bf375871b594f4e06f8ad3159d1754

Source: af854a3a-2127-422b-91ae-364da2661108

http://phpmyadmin.git.sourceforge.net/git/gitweb.cgi?p=phpmyadmin/phpmyadmin%3Ba=commit%3Bh=e7bb42c002885c2aca7aba4d431b8c63ae4de9b7

Source: af854a3a-2127-422b-91ae-364da2661108

http://seclists.org/fulldisclosure/2011/Jul/300

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/45315

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/45365

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/45515

Source: af854a3a-2127-422b-91ae-364da2661108

http://securityreason.com/securityalert/8322

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2011/dsa-2286

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.mandriva.com/security/advisories?name=MDVSA-2011:124

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2011/07/25/4

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.openwall.com/lists/oss-security/2011/07/26/10

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.phpmyadmin.net/home_page/security/PMASA-2011-12.php

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://www.securityfocus.com/archive/1/518967/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/519155/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/48874

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.xxor.se/advisories/phpMyAdmin_3.x_Conditional_Session_Manipulation.txt

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=725384

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/68769

Source: af854a3a-2127-422b-91ae-364da2661108

42 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

2.4%

82th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-20

Affected Vendors

phpmyadmin

Related CVEs

CVE-2026-56414 7.2

CVE-2026-55975 7.2

CVE-2026-33560 7.1

CVE-2026-31928 8.1

CVE-2026-28701 9.8