eComscan searches for installed database managers, such as Adminer, PHPMyAdmin and PHPMiniAdmin. These scripts are a common attack vector for ecommerce stores. They pose two risks:
- A database manager opens up an extra line of access to your database. Often, attackers are found to install such a database manager themselves, to ensure future access (a backdoor). Normally, database managers require a database password to operate, however, these are often retrieved via other means.
- In certain conditions, even a properly password-protected database manager can be exploited to gain access. This technique abuses a flaw in the MySQL protocol. See our labs research for more information.
We recommend to not install any of these database managers on your production system. If you do need them, you should remove them after use.