Lucene search
K

8 matches found

OpenVAS
OpenVAS
added 2009/02/17 12:0 a.m.18 views

Fedora Update for phpMyAdmin FEDORA-2008-6868

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.4CVSS6.7AI score0.02388EPSS
Exploits2References2
seebug.org
seebug.org
added 2008/10/26 12:0 a.m.55 views

phpMyAdmin setup.php文件跨站脚本执行漏洞

BugCVE: CVE-2008-3456,CVE-2008-3457 BUGTRAQ: 30420 phpMyAdmin的scripts/setup.php文件中showoverview $title, $list, $buttons = ''函数没有正确地过滤685行echo $val1输入参数便返回给了用户,如果用户受骗跟随了恶意链接的话就会导致在用户浏览器会话中执行任意HTML和脚本代码。 phpMyAdmin 2.11.8 Debian ------ Debian已经为此发布了一个安全公告(DSA-1641-1)以及相应补丁: DSA-1641-1:New phpmyadmin...

6.4CVSS0.6AI score0.02388EPSS
Exploits3
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.20 views

Debian: Security Advisory (DSA-1641-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.5CVSS7.7AI score0.11175EPSS
Exploits5References3
Tenable Nessus
Tenable Nessus
added 2008/09/23 12:0 a.m.35 views

Debian DSA-1641-1 : phpmyadmin - several vulnerabilities

Several remote vulnerabilities have been discovered in phpMyAdmin, a tool to administrate MySQL databases over the web. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2008-4096 Remote authenticated users could execute arbitrary code on the host running...

8.5CVSS5.7AI score0.11175EPSS
Exploits5References9
Debian
Debian
added 2008/09/20 1:14 p.m.29 views

[SECURITY] [DSA 1641-1] New phpmyadmin packages fix several issues

------------------------------------------------------------------------ Debian Security Advisory DSA-1641-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst September 20, 2008 http://www.debian.org/security/faq -...

8.5CVSS7.2AI score0.11175EPSS
Exploits5
OSV
OSV
added 2008/08/04 7:41 p.m.8 views

CVE-2008-3457

Cross-site scripting XSS vulnerability in setup.php in phpMyAdmin before 2.11.8 allows user-assisted remote attackers to inject arbitrary web script or HTML via crafted setup arguments. NOTE: this issue can only be exploited in limited scenarios in which the attacker must be able to modify...

5.3AI score
Exploits0References13
CVE
CVE
added 2008/08/04 7:0 p.m.69 views

CVE-2008-3457

CVE-2008-3457 is a user-assisted XSS in phpMyAdmin’s setup.php, exploitable only in rare scenarios where an attacker can modify config/config.inc.php. Multiple disclosures (Debian DSA-1641-1, OSV, openVAS entries) confirm the vulnerability in phpMyAdmin prior to 2.11.8. Remediation per sources is...

2.6CVSS5.2AI score0.01804EPSS
Exploits2References13Affected Software1
phpMyAdmin
phpMyAdmin
added 2008/07/28 12:0 a.m.33 views

Cross-site Framing; XSS in setup.php

PMASA-2008-6 Announcement-ID: PMASA-2008-6 Date: 2008-07-28 Summary Cross-site Framing; XSS in setup.php Description We received two advisories from Aung Khant YGN Ethical Hacker Group, and we wish to thank him for his work. It was permitted to display phpMyAdmin's frames inside another page,...

2.6CVSS5.7AI score0.01804EPSS
Exploits2Affected Software1
Rows per page
Query Builder