10 matches found
openSUSE Security Update : phpMyAdmin (phpMyAdmin-442)
This is a version upgrade to phpMyAdmin 2.11.9.4 to fix various security bugs. CVE-2008-2960, CVE-2008-3197, CVE-2008-1149, CVE-2008-1567, CVE-2008-1924, CVE-2008-4096, CVE-2008-4326, CVE-2008-5621, CVE-2008-5622 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...
Gentoo Security Advisory GLSA 200903-32 (phpmyadmin)
The remote host is missing updates announced in advisory GLSA 200903-32. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
[SECURITY] [DSA 1723-1] New phpmyadmin packages fix arbitrary code execution
------------------------------------------------------------------------ Debian Security Advisory DSA-1723-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst February 11, 2009 http://www.debian.org/security/faq -...
Mandrake Security Advisory MDVSA-2009:026 (phpMyAdmin)
The remote host is missing an update to phpMyAdmin announced via advisory MDVSA-2009:026. OpenVAS Vulnerability Test $Id: mdksa2009026.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:026 phpMyAdmin Authors: Thomas Reinke Copyright: Copyright c 2009...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-5621. Reason: This candidate is a duplicate of CVE-2008-5621. Notes: All CVE users should reference CVE-2008-5621 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
CVE-2008-5621
Cross-site request forgery CSRF vulnerability in phpMyAdmin 2.11.x before 2.11.9.4 and 3.x before 3.1.1.0 allows remote attackers to perform unauthorized actions as the administrator via a link or IMG tag to tblstructure.php with a modified table parameter. NOTE: other unspecified pages are also...
CVE-2008-5621
phpMyAdmin is affected by a CSRF vulnerability CVE-2008-5621 in versions 2.11.x before 2.11.9.4 and 3.x before 3.1.1.0. An attacker can induce an administrator to perform actions via a crafted link or image tag to tbl_structure.php with a modified table parameter, with potential for SQL injection...
CVE-2008-5622
CVE-2008-5622 is not a standalone active entry; it is listed together with CVE-2008-5621 in multiple advisories. Connected sources (Gentoo GLSA 200903-32, openSUSE/SUSE plugin references, and Debian/Gentoo/Nessus entries) describe phpMyAdmin vulnerabilities as CSRF-related, with vectors including...
CVE-2008-5621
Cross-site request forgery CSRF vulnerability in phpMyAdmin 2.11.x before 2.11.9.4 and 3.x before 3.1.1.0 allows remote attackers to perform unauthorized actions as the administrator via a link or IMG tag to tblstructure.php with a modified table parameter. NOTE: other unspecified pages are also...
SQL injection through XSRF on several pages
PMASA-2008-10 Announcement-ID: PMASA-2008-10 Date: 2008-12-09 Summary SQL injection through XSRF on several pages Description A logged-in user can be subject of SQL injection through cross site request forgery. Several pages which use affected library in phpMyAdmin are vulnerable and the attack c...