Security Vulnerability Report
CVE-2026-41930 CVSS 9.8 CRITICAL

Published: 2026-05-06 19:16:37
Last Modified: 2026-05-06 20:16:33

Description

Vvveb before version 1.0.8.2 contains a hard-coded credentials vulnerability in its docker-compose-apache.yaml configuration that allows unauthenticated attackers to access the bundled phpMyAdmin container with pre-configured database credentials. Attackers can connect to the phpMyAdmin port to gain unrestricted read and write access to the entire Vvveb database, including administrator password hashes, customer personally identifiable information, and order data, enabling account takeover and data manipulation.

CVSS Details

CVSS Score: 9.8
Severity: CRITICAL
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

No configuration data available.

Vvveb < 1.0.8.2

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
import requests

# This PoC checks whether the phpMyAdmin interface is exposed, based on the
# vulnerability description. The specific credentials are not provided in the
# text, so this script only demonstrates the reachability check.


def check_vulnerability(target_url):
    """
    Check if the Vvveb-bundled phpMyAdmin interface is reachable without
    authentication. A reachable login page shows exposure of the interface;
    it does not by itself prove that the hard-coded credentials are in use.
    """
    try:
        # Assuming phpMyAdmin runs on a specific port (e.g., 8080) or path.
        # Adjust the URL based on the actual docker-compose configuration.
        url = f"{target_url}/phpmyadmin"
        response = requests.get(url, timeout=5)
        if response.status_code == 200 and "phpMyAdmin" in response.text:
            print(f"[+] phpMyAdmin interface is reachable at: {url}")
            print("[!] Next step: Try to log in using hardcoded credentials found in docker-compose-apache.yaml.")
        else:
            print("[-] phpMyAdmin not found or not accessible.")
    except requests.RequestException as e:
        # Connection errors, timeouts and invalid URLs all land here
        print(f"Error connecting to target: {e}")


if __name__ == "__main__":
    target = "http://127.0.0.1:8080"  # Replace with actual target
    check_vulnerability(target)
```

References

https://github.com/givanz/Vvveb/commit/f85ca7c2bc389bda3cc2eca87b2514581a628c32
https://github.com/givanz/Vvveb/releases/tag/1.0.8.2
https://github.com/givanz/Vvveb/security/advisories/GHSA-g38h-mr9p-fjmf
https://www.vulncheck.com/advisories/vvveb-hard-coded-credentials-information-disclosure-via-phpmyadmin

Raw JSON Data

```json
{
  "cve": {
    "id": "CVE-2026-41930",
    "sourceIdentifier": "[email protected]",
    "published": "2026-05-06T19:16:37.130",
    "lastModified": "2026-05-06T20:16:32.540",
    "vulnStatus": "Deferred",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "Vvveb before version 1.0.8.2 contains a hard-coded credentials vulnerability in its docker-compose-apache.yaml configuration that allows unauthenticated attackers to access the bundled phpMyAdmin container with pre-configured database credentials. Attackers can connect to the phpMyAdmin port to gain unrestricted read and write access to the entire Vvveb database, including administrator password hashes, customer personally identifiable information, and order data, enabling account takeover and data manipulation."
      }
    ],
    "metrics": {
      "cvssMetricV40": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "4.0",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
            "baseScore": 9.2,
            "baseSeverity": "CRITICAL",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "privilegesRequired": "NONE",
            "userInteraction": "NONE",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "subAvailabilityImpact": "NONE",
            "exploitMaturity": "NOT_DEFINED",
            "confidentialityRequirement": "NOT_DEFINED",
            "integrityRequirement": "NOT_DEFINED",
            "availabilityRequirement": "NOT_DEFINED",
            "modifiedAttackVector": "NOT_DEFINED",
            "modifiedAttackComplexity": "NOT_DEFINED",
            "modifiedAttackRequirements": "NOT_DEFINED",
            "modifiedPrivilegesRequired": "NOT_DEFINED",
            "modifiedUserInteraction": "NOT_DEFINED",
            "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
            "modifiedVulnIntegrityImpact": "NOT_DEFINED",
            "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
            "modifiedSubConfidentialityImpact": "NOT_DEFINED",
            "modifiedSubIntegrityImpact": "NOT_DEFINED",
            "modifiedSubAvailabilityImpact": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "valueDensity": "NOT_DEFINED",
            "vulnerabilityResponseEffort": "NOT_DEFINED",
            "providerUrgency": "NOT_DEFINED"
          }
        }
      ],
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "availabilityImpact": "HIGH"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Secondary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-306"
          }
        ]
      }
    ],
    "references": [
      {"url": "https://github.com/givanz/Vvveb/commit/f85ca7c2bc389bda3cc2eca87b2514581a628c32", "source": "[email protected]"},
      {"url": "https://github.com/givanz/Vvveb/releases/tag/1.0.8.2", "source": "[email protected]"},
      {"url": "https://github.com/givanz/Vvveb/security/advisories/GHSA-g38h-mr9p-fjmf", "source": "[email protected]"},
      {"url": "https://www.vulncheck.com/advisories/vvveb-hard-coded-credentials-information-disclosure-via-phpmyadmin", "source": "[email protected]"},
      {"url": "https://github.com/givanz/Vvveb/security/advisories/GHSA-g38h-mr9p-fjmf", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}
    ]
  }
}
```