PHP file inclusion vulnerability in grab_globals.lib.php in phpMyAdmin

10/20/2020

Deployed ASP.NET core 3.1 application in Google Kubernetes. Docker is built mcr.microsoft.com/dotnet/core/aspnet:3.1-bionic AS base.

Exposed the application with Ingress service. When doing penetration testing getting PHP file inclusion vulnerability in grab_globals.lib.php in phpMyAdmin using Metasploit.

Any suggestion or help to resolve this would be greatly appreciated.

Also, I have tried the below possible ways to remove this vulnerability.

Tried to uninstall the phpMyAdmin in the docker, but phpMyAdmin is not found
Tried to install and uninstall the phpMyAdmin.
1: https://i.stack.imgur.com/i52Pz.png

-- Raj Kumar

asp.net-core

docker

kubernetes

php

phpmyadmin

Similar Questions

Kubernetes LoadBalancer service on AKS via helm is not accessible

Getting started with docker swarm using a bare metal server

Connecting to redis (from helm chart) inside Kubernetes cluster

Route incoming traffic in Docker swarm setup

How to set up istio on kubenetes cluster created by kubeadm?

0 Answers