Lucene search
FreeBSD Ports: phpMyAdmin
ποΈΒ 30 Aug 2012Β 00:00:00Reported byΒ Copyright (C) 2012 E-Soft Inc.TypeΒ 
Β openvasπΒ plugins.openvas.orgπΒ 17Β Views
The remote host is missing an update to the system as announced in the referenced advisory. Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 3.4.x before 3.4.11.1 and 3.5.x before 3.5.2.2 allow remote authenticated users to inject arbitrary web script or HTML. Update your system with the appropriate patches or software upgrades
Show more
| Reporter | Title | Published | Views | Family All 35 |
|---|---|---|---|---|
| FreeBSD Ports: phpMyAdmin | 30 Aug 201200:00 | β | openvas |
| phpMyAdmin Multiple XSS Vulnerabilities (Aug 2012) - Windows | 16 Aug 201700:00 | β | openvas |
| Fedora Update for phpMyAdmin FEDORA-2012-12031 | 30 Aug 201200:00 | β | openvas |
| Fedora Update for phpMyAdmin FEDORA-2012-12060 | 30 Aug 201200:00 | β | openvas |
| Fedora Update for phpMyAdmin FEDORA-2012-12060 | 30 Aug 201200:00 | β | openvas |
| Fedora Update for phpMyAdmin FEDORA-2012-12031 | 30 Aug 201200:00 | β | openvas |
| phpMyAdmin Multiple XSS Vulnerabilities (Aug 2012) - Linux | 16 Aug 201700:00 | β | openvas |
 | CVE-2012-4345 | 21 Aug 201223:55 | β | debiancve |
| CVE-2012-4579 | 21 Aug 201223:55 | β | debiancve |
 | CVE-2012-4345 | 21 Aug 201223:00 | β | cvelist |
10
# SPDX-FileCopyrightText: 2012 E-Soft Inc.
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.71845");
script_tag(name:"cvss_base", value:"3.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:S/C:N/I:P/A:N");
script_cve_id("CVE-2012-4345");
script_version("2023-07-26T05:05:09+0000");
script_tag(name:"last_modification", value:"2023-07-26 05:05:09 +0000 (Wed, 26 Jul 2023)");
script_tag(name:"creation_date", value:"2012-08-30 11:34:18 -0400 (Thu, 30 Aug 2012)");
script_name("FreeBSD Ports: phpMyAdmin");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2012 E-Soft Inc.");
script_family("FreeBSD Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/freebsd", "ssh/login/freebsdrel");
script_tag(name:"insight", value:"The following package is affected: phpMyAdmin
CVE-2012-4345
Multiple cross-site scripting (XSS) vulnerabilities in the Database
Structure page in phpMyAdmin 3.4.x before 3.4.11.1 and 3.5.x before
3.5.2.2 allow remote authenticated users to inject arbitrary web
script or HTML via (1) a crafted table name during table creation, or
a (2) Empty link or (3) Drop link for a crafted table name.");
script_tag(name:"solution", value:"Update your system with the appropriate patches or
software upgrades.");
script_xref(name:"URL", value:"http://www.phpmyadmin.net/home_page/security/PMASA-2012-4.php");
script_xref(name:"URL", value:"http://www.vuxml.org/freebsd/db1d3340-e83b-11e1-999b-e0cb4e266481.html");
script_tag(name:"summary", value:"The remote host is missing an update to the system
as announced in the referenced advisory.");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-bsd.inc");
vuln = FALSE;
txt = "";
bver = portver(pkg:"phpMyAdmin");
if(!isnull(bver) && revcomp(a:bver, b:"3.5.2.2")<0) {
txt += "Package phpMyAdmin version " + bver + " is installed which is known to be vulnerable.\n";
vuln = TRUE;
}
if(vuln) {
security_message(data:txt);
} else if (__pkg_match) {
exit(99);
}Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. ContactΒ us for a demo andΒ discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo30 Aug 2012 00:00Current
6.3Medium risk
Vulners AI Score6.3
CVSS23.5
EPSS0.00209