5 matches found
openSUSE Security Update : phpMyAdmin (phpMyAdmin-442)
This is a version upgrade to phpMyAdmin 2.11.9.4 to fix various security bugs. CVE-2008-2960, CVE-2008-3197, CVE-2008-1149, CVE-2008-1567, CVE-2008-1924, CVE-2008-4096, CVE-2008-4326, CVE-2008-5621, CVE-2008-5622 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...
openSUSE 10 Security Update : phpMyAdmin (phpMyAdmin-5935)
This is a version upgrade to phpMyAdmin 2.11.9.4 to fix various security bugs. CVE-2008-2960, CVE-2008-3197, CVE-2008-1149, CVE-2008-1567, CVE-2008-1924, CVE-2008-4096, CVE-2008-4326, CVE-2008-5621, CVE-2008-5622 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...
phpMyAdmin远程跨站脚本漏洞
CVECAN ID: CVE-2008-2960 phpMyAdmin是用PHP编写的工具,用于通过WEB管理MySQL。 如果PHP registerglobals的设置为on且服务器没有应用/libraries中.htaccess文件的设置的话,远程攻击者就可以通过向phpMyAdmin提交恶意请求执行跨站脚本攻击,导致执行任意代码。 phpMyAdmin 2.11.7 厂商补丁: phpMyAdmin ---------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
CVE-2008-2960
CVE-2008-2960 is a cross-site scripting (XSS) vulnerability in phpMyAdmin before 2.11.7 that occurs when register_globals is enabled and .htaccess support is disabled. It allows remote attackers to inject arbitrary web script or HTML via scripts in libraries/. The connected documents confirm the ...
XSS on plausible insecure PHP installation
PMASA-2008-4 Announcement-ID: PMASA-2008-4 Date: 2008-06-23 Summary XSS on plausible insecure PHP installation Description We received an advisory from Tim Starling Wikimedia, and we wish to thank him for his work. Some scripts in the /libraries directory were vulnerable to XSS. Severity We...