logo
DATABASE RESOURCES PRICING ABOUT US

Debian DSA-2139-1 : phpmyadmin - several vulnerabilities

Description

Several vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-4329 Cross site scripting was possible in search, that allowed a remote attacker to inject arbitrary web script or HTML. - CVE-2010-4480 Cross site scripting was possible in errors, that allowed a remote attacker to inject arbitrary web script or HTML. - CVE-2010-4481 Display of PHP's phpinfo() function was available to world, but only if this functionality had been enabled (defaults to off). This may leak some information about the host system.


Related