9 matches found
CVE-2008-3197
Cross-site request forgery CSRF vulnerability in phpMyAdmin before 2.11.7.1 allows remote attackers to perform unauthorized actions via a link or IMG tag to 1 the db parameter in the "Creating a Database" functionality dbcreate.php, and 2 the convcharset and collationconnection parameters related...
openSUSE Security Update : phpMyAdmin (phpMyAdmin-442)
This is a version upgrade to phpMyAdmin 2.11.9.4 to fix various security bugs. CVE-2008-2960, CVE-2008-3197, CVE-2008-1149, CVE-2008-1567, CVE-2008-1924, CVE-2008-4096, CVE-2008-4326, CVE-2008-5621, CVE-2008-5622 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...
openSUSE 10 Security Update : phpMyAdmin (phpMyAdmin-5935)
This is a version upgrade to phpMyAdmin 2.11.9.4 to fix various security bugs. CVE-2008-2960, CVE-2008-3197, CVE-2008-1149, CVE-2008-1567, CVE-2008-1924, CVE-2008-4096, CVE-2008-4326, CVE-2008-5621, CVE-2008-5622 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...
Debian: Security Advisory (DSA-1641-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1641-1 : phpmyadmin - several vulnerabilities
Several remote vulnerabilities have been discovered in phpMyAdmin, a tool to administrate MySQL databases over the web. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-4096 Remote authenticated users could execute arbitrary code on the host running...
[SECURITY] [DSA 1641-1] New phpmyadmin packages fix several issues
------------------------------------------------------------------------ Debian Security Advisory DSA-1641-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst September 20, 2008 http://www.debian.org/security/faq -...
CVE-2008-3197
Cross-site request forgery CSRF vulnerability in phpMyAdmin before 2.11.7.1 allows remote attackers to perform unauthorized actions via a link or IMG tag to 1 the db parameter in the "Creating a Database" functionality dbcreate.php, and 2 the convcharset and collationconnection parameters related...
CVE-2008-3197
CVE-2008-3197 affects phpMyAdmin prior to 2.11.7.1, introducing a cross-site request forgery (CSRF) that enables unauthorized actions via links or image tags. The CSRF targets (1) the db parameter in the “Creating a Database” function (db_create.php) and (2) convcharset and collation_connection r...
XSRF/CSRF for creating a database and modifying user charset
PMASA-2008-5 Announcement-ID: PMASA-2008-5 Date: 2008-07-15 Updated: 2008-07-16 Summary XSRF/CSRF for creating a database and modifying user charset Description We received an advisory from Aung Khant YGN Ethical Hacker Group, and we wish to thank him for his work. A logged-in user, if abused int...