automatic module_metadata_base.json update

db/modules_metadata_base.json

@@ -143507,7 +143507,7 @@
     "needs_cleanup": true
   },
   "exploit_unix/webapp/phpmyadmin_config": {
-    "name": "PhpMyAdmin Config File Code Injection",
+    "name": "phpMyAdmin Config File Code Injection",
     "fullname": "exploit/unix/webapp/phpmyadmin_config",
     "aliases": [],
     "rank": 600,
@@ -143516,15 +143516,20 @@
     "author": [
       "Greg Ose",
       "pagvac",
-      "egypt <egypt@metasploit.com>"
+      "egypt <egypt@metasploit.com>",
+      "Tenable",
+      "g0tmi1k"
     ],
-    "description": "This module exploits a vulnerability in phpMyAdmin's setup\n          feature which allows an attacker to inject arbitrary PHP\n          code into a configuration file. The original advisory says\n          the vulnerability is present in phpMyAdmin versions 2.11.x\n          < 2.11.9.5 and 3.x < 3.1.3.1; this module was tested on\n          3.0.1.1.\n\n          The file where our payload is written\n          (phpMyAdmin/config/config.inc.php) is not directly used by\n          the system, so it may be a good idea to either delete it or\n          copy the running config (phpMyAdmin/config.inc.php) over it\n          after successful exploitation.",
+    "description": "This module exploits a vulnerability in phpMyAdmin's setup\n          feature which allows an attacker to inject arbitrary PHP\n          code into a configuration file. The original advisory says\n          the vulnerability is present in phpMyAdmin versions\n          2.11.x <= 2.11.9.4 and 3.x <= 3.1.3.\n\n          There was a follow up vulnerability as the patch was\n          incomplete, affecting versions 3.x <= 3.1.3.1.\n\n          The file where our payload is written\n          (phpMyAdmin/config/config.inc.php) is not directly used by\n          the system, so it may be a good idea to either delete it or\n          copy the running config (phpMyAdmin/config.inc.php) over it\n          after successful exploitation.",
     "references": [
       "CVE-2009-1151",
       "OSVDB-53076",
       "EDB-8921",
-      "URL-http://www.phpmyadmin.net/home_page/security/PMASA-2009-3.php",
-      "URL-http://labs.neohapsis.com/2009/04/06/about-cve-2009-1151/"
+      "URL-https://www.phpmyadmin.net/security/PMASA-2009-3/",
+      "URL-https://web.archive.org/web/20130724101149/http://labs.neohapsis.com/2009/04/06/about-cve-2009-1151/",
+      "CVE-2009-1285",
+      "URL-https://www.phpmyadmin.net/security/PMASA-2009-4/",
+      "URL-https://www.tenable.com/security/research/tra-2009-02"
     ],
     "platform": "PHP",
     "arch": "php",
@@ -143545,24 +143550,24 @@
       "https"
     ],
     "targets": [
-      "Automatic (phpMyAdmin 2.11.x < 2.11.9.5 and 3.x < 3.1.3.1)"
+      "Automatic (phpMyAdmin 2.11.x <= 2.11.9.4 and 3.x <= 3.1.3.1)"
     ],
-    "mod_time": "2025-06-23 12:43:46 +0000",
+    "mod_time": "2026-04-21 18:43:54 +0000",
     "path": "/modules/exploits/unix/webapp/phpmyadmin_config.rb",
     "is_install_path": true,
     "ref_name": "unix/webapp/phpmyadmin_config",
-    "check": false,
+    "check": true,
     "post_auth": false,
     "default_credential": false,
     "notes": {
       "Reliability": [
-        "unknown-reliability"
+        "repeatable-session"
       ],
       "Stability": [
-        "unknown-stability"
+        "crash-safe"
       ],
       "SideEffects": [
-        "unknown-side-effects"
+        "config-changes"
       ]
     },
     "session_types": false,