phpmyadmin -- arbitrary file include and XSS vulnerabilities

2005-02-21T00:00:00
ID 882EF43B-901F-11D9-A22C-0001020EED82
Type freebsd
Reporter FreeBSD
Modified 2005-02-21T00:00:00

Description

A phpMyAdmin security announcement reports:

We received two bug reports by Maksymilian Arciemowicz about those vulnerabilities and we wish to thank him for his work. The vulnerabilities apply to those points:

css/phpmyadmin.css.php was vulnerable against $cfg and GLOBALS variable injections. This way, a possible attacker could manipulate any configuration parameter. Using phpMyAdmin's theming mechanism, he was able to include arbitrary files. This is especially dangerous if PHP is not running in safe mode.

A possible attacker could manipulate phpMyAdmin's localized strings via the URL and inject harmful JavaScript code this way, which could be used for XSS attacks.
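The two weaknesses the announcement describes share one root cause: values that should only ever come from the configuration file (the theme path, localized strings) could instead be supplied through the request and then flowed unescaped into an `include` or into the page. The following PHP is an added illustration of that pattern and of its hardened form; it is not phpMyAdmin's code. The file layout (`themes/<name>/theme.css.php`), the `$cfg['ThemePath']`/`$cfg['Theme']` keys, and every function name are assumptions chosen for the example.

```php
<?php
// Added example, not phpMyAdmin's code. Assumed layout: themes live in
// themes/<name>/theme.css.php under this script's directory.
declare(strict_types=1);

const THEMES_DIR    = __DIR__ . '/themes';   // assumed
const DEFAULT_THEME = 'original';            // assumed default theme name

// Anti-pattern (for contrast only): the include path is built from $cfg
// entries. If $cfg or $GLOBALS can be populated from the request (e.g.
// register_globals, or an unguarded extract($_REQUEST)), the attacker
// chooses which file is included, which is the first issue above.
function loadThemeCssVulnerable(array $cfg): void
{
    include $cfg['ThemePath'] . '/' . $cfg['Theme'] . '/theme.css.php';
}

// Hardening step 1: refuse any request that tries to smuggle in the
// configuration container names. This is a defensive check, independent of
// whether register_globals is on, and it makes the attempt visible in logs.
function rejectGlobalInjection(array $request): void
{
    foreach (['cfg', 'GLOBALS', '_SERVER', '_ENV'] as $forbidden) {
        if (array_key_exists($forbidden, $request)) {
            error_log("rejected request carrying parameter '$forbidden'");
            http_response_code(400);
            exit;
        }
    }
}

// Hardening step 2: the only request-controlled input is a theme *name*,
// never a path. It must match a strict pattern, appear in the allowlist
// built from the filesystem, and resolve to a file inside THEMES_DIR.
function listThemes(): array
{
    $names = [];
    foreach (scandir(THEMES_DIR) ?: [] as $entry) {
        if ($entry[0] !== '.' && is_file(THEMES_DIR . "/$entry/theme.css.php")) {
            $names[] = $entry;
        }
    }
    return $names;
}

function resolveThemeCss(string $name, array $allowed): ?string
{
    if (!preg_match('/^[A-Za-z0-9_-]{1,32}$/', $name)) {
        return null;                       // rejects ../, nul bytes, wrappers
    }
    if (!in_array($name, $allowed, true)) {
        return null;                       // not an installed theme
    }
    $base = realpath(THEMES_DIR);
    $path = realpath(THEMES_DIR . "/$name/theme.css.php");
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;                       // symlink or other escape from THEMES_DIR
    }
    return $path;
}

// Hardening step 3: localized strings are data, not markup. Escaping them at
// the point of output closes the XSS described in the second issue, even if a
// string somehow originates from the URL.
function escLocalized(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Request handling for the stylesheet endpoint.
rejectGlobalInjection($_REQUEST);

$themes = listThemes();
$name   = isset($_GET['theme']) ? (string) $_GET['theme'] : DEFAULT_THEME;
$css    = resolveThemeCss($name, $themes) ?? resolveThemeCss(DEFAULT_THEME, $themes);

header('Content-Type: text/css; charset=utf-8');
if ($css === null) {
    http_response_code(404);
    exit;
}
// A CSS comment with a (possibly localized) label, escaped before output.
echo '/* theme: ' . escLocalized($name) . " */\n";
include $css;
```

The important design choice is that the request never selects a path, only a key into a server-side allowlist; `realpath` plus the prefix check then guards the remaining case where a theme directory is a symlink pointing elsewhere. Safe mode, which the announcement mentions as a mitigating factor, is not something this code relies on.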