5 matches found
Fedora Update for phpMyAdmin FEDORA-2007-3639
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for phpMyAdmin FEDORA-2007-3666
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
phpMyAdmin DB_Create.PHP多个输入验证漏洞
BUGTRAQ ID: 26512 CVE ID:CVE-2007-5976 CVE-2007-5977 CNCVE ID:CNCVE-20075977 phpMyAdmin是一款基于WEB的MySQL管理程序。 phpMyAdmin DBCreate.PHP存在多个输入验证问题,远程攻击者可以利用漏洞进行跨站脚本攻击,获得敏感信息。 问题是由于DBCreate.PHP对参数缺少充分过滤,提交恶意脚本代码作为参数数据,并诱使用户解析,可导致恶意脚本代码在目标用户浏览器上执行。 RedHat Fedora 7 0 phpMyAdmin phpMyAdmin 2.11.1 phpMyAdmi...
CVE-2007-5976
CVE-2007-5976 affects phpMyAdmin prior to 2.11.2.1. The vulnerability is an SQL injection in db_create.php that allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter. This can enable database modification or creation under the att...
FreeBSD : phpmyadmin -- XSS vulnerability (2d2dcbb4-906c-11dc-a951-0016179b2dd5)
The DigiTrust Group reports : When creating a new database, a malicious user can use a client-side Web proxy to place malicious code in the db parameter of the POST request. Since dbcreate.php does not properly sanitize user-supplied input, an administrator could face a persistent XSS attack when...