3 matches found
CVE-2011-4782
Cross-site scripting XSS vulnerability in libraries/config/ConfigFile.class.php in the setup interface in phpMyAdmin 3.4.x before 3.4.9 allows remote attackers to inject arbitrary web script or HTML via the host parameter...
phpMyAdmin 3.4.x < 3.4.9 XSS (PMASA-2011-19 - PMASA-2011-20)
The version of phpMyAdmin hosted on the remote web server is 3.4.x less than 3.4.9 and thus is reportedly affected by two cross-site scripting vulnerabilities : - The 'libraries/displayexport.lib.php' script does not properly sanitize the '$GET' array elements 'limitto', 'limitfrom' and...
Code injection
Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files...