Sensitive Data: phpMyAdmin - Default Login¶

Identifier: phpmyadmin_default_login

Scanner(s) Support¶

GraphQL Scanner	REST Scanner	WebApp Scanner	ASM Scanner

Description¶

phpMyAdmin database management interface may be accessible with default credentials, allowing unauthorized access to database accounts and potentially exposing sensitive information, modifying data, or executing unauthorized operations.

How we test: We attempt to authenticate to the phpMyAdmin interface using common default username and password combinations. If authentication succeeds, we report the vulnerability.

Reference:

https://www.phpmyadmin.net

Configuration¶

Example¶

Example configuration:

---
security_tests:
  phpmyadmin_default_login:
    skip: false

Reference¶

`skip`¶

Type : boolean

Skip the test if true.