Lucene search
K

16 matches found

Check Point Advisories
Check Point Advisories
added 2013/10/20 12:0 a.m.8 views

PhpMyAdmin Sweky Remote Code Injection Exploit (CVE-2011-2506)

A Code Injection vulnerability has been reported in PhpMyAdmin...

6.9AI score0.09626EPSS
Exploits14
OpenVAS
OpenVAS
added 2012/02/12 12:0 a.m.36 views

Gentoo Security Advisory GLSA 201201-01 (phpMyAdmin)

The remote host is missing updates announced in advisory GLSA 201201-01. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

10CVSS0.4AI score0.14714EPSS
Exploits34
OpenVAS
OpenVAS
added 2011/08/18 12:0 a.m.36 views

Mandriva Update for phpmyadmin MDVSA-2011:124 (phpmyadmin)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.5CVSS5.8AI score0.02974EPSS
Exploits5References2
securityvulns
securityvulns
added 2011/08/01 12:0 a.m.77 views

[SECURITY] [DSA 2286-1] phpmyadmin security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2286-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst July 26, 2011 http://www.debian.org/security/faq -...

7.5CVSS1.5AI score0.12879EPSS
Exploits18
Debian
Debian
added 2011/07/26 7:11 p.m.32 views

[SECURITY] [DSA 2286-1] phpmyadmin security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2286-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst July 26, 2011 http://www.debian.org/security/faq -...

7.5CVSS6.6AI score0.12879EPSS
Exploits18
OpenVAS
OpenVAS
added 2011/07/18 12:0 a.m.27 views

Fedora Update for phpMyAdmin FEDORA-2011-9144

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

7.5CVSS6.7AI score0.12879EPSS
Exploits18References2
CVE
CVE
added 2011/07/14 11:0 p.m.168 views

CVE-2011-2506

CVE-2011-2506 affects phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1. Root cause: setup/lib/ConfigGenerator.class.php does not properly restrict closing comment delimiters, enabling remote attackers to perform static code injection by manipulating the SESSION superglobal. Impact: remote ...

7.5CVSS6.5AI score0.09626EPSS
Exploits14References19Affected Software1
Exploit DB
Exploit DB
added 2011/07/09 12:0 a.m.210 views

phpMyAdmin 3.x - Swekey Remote Code Injection

':'';? . , \ . . ,/ , / , \ \ // / / / \ | | \ / | |\ /| | | | | | | | / | | | | / | | | || | | | | | \ \ | | | || | \ \ | | | | | | | | | | | | / / | | | | | | | | | | | | | | | |// || || | |// || || ||| | || ||| || | ||...

7.5CVSS6.6AI score0.12879EPSS
Exploits16
0day.today
0day.today
added 2011/07/09 12:0 a.m.99 views

phpMyAdmin 3.x Swekey Remote Code Injection Exploit

Exploit for php platform in category web applications ':'';? . , \ . . ,/ , / , \ \ // / / / \ | | \ / | |\ /| | | | | | | | / | | | | / | | | || | | | | | \ \ | | | || | \ \ | | | | | | | | | | | | / / | | | | | | | | | | | | | | | |// || || | |// || || ||| | || ||| || | ||...

7.1AI score0.12879EPSS
Exploits16
Packet Storm
Packet Storm
added 2011/07/09 12:0 a.m.60 views

phpMyAdmin3 Remote Code Execution

!/usr/bin/env python coding=utf-8 pma3 - phpMyAdmin3 remote code execute exploit Author: wofeiwo Thx Superhei Tested on: 3.1.1, 3.2.1, 3.4.3 CVE: CVE-2011-2505, CVE-2011-2506 Date: 2011-07-08 Have fun, DO NOT USE IT TO DO BAD THING. Requirements: 1. "config" directory must created&writeable in pm...

7.5CVSS6.6AI score0.12879EPSS
Exploits16
seebug.org
seebug.org
added 2011/07/09 12:0 a.m.50 views

phpMyAdmin 3.x Multiple Remote Code Executions

No description provided by source. File: libraries/auth/swekey/swekey.auth.lib.php Lines: 266-276 Patched in: 3.3.10.2 and 3.4.3.1 Type: Variable Manipulation Assigned CVE id: CVE-2011-2505 PMA Announcement-ID: PMASA-2011-5 266 if strstr$SERVER'QUERYSTRING','sessiontounset' != false 267 268...

7.5CVSS0.4AI score0.12879EPSS
Exploits18
seebug.org
seebug.org
added 2011/07/09 12:0 a.m.229 views

phpMyAdmin 3.x Swekey Remote Code Injection Exploit

No description provided by source. ?php / Exploit Title: phpMyAdmin 3.x Swekey Remote Code Injection Exploit Date: 2011-07-09 Author: Mango of ha.xxor.se Version: phpMyAdmin 3.3.10.2 || phpMyAdmin 3.4.3.1 CVE : CVE-2011-2505, CVE-2011-2506 Advisory:...

7.5CVSS0.2AI score0.12879EPSS
Exploits16
exploitpack
exploitpack
added 2011/07/08 12:0 a.m.41 views

phpMyAdmin3 (pma3) - Remote Code Execution

phpMyAdmin3 pma3 - Remote Code Execution !/usr/bin/env python coding=utf-8 pma3 - phpMyAdmin3 remote code execute exploit Author: wofeiwo Thx Superhei Tested on: 3.1.1, 3.2.1, 3.4.3 CVE: CVE-2011-2505, CVE-2011-2506 Date: 2011-07-08 Have fun, DO NOT USE IT TO DO BAD THING. Requirements: 1. "confi...

7.5CVSS6.8AI score0.12879EPSS
Exploits16
Exploit DB
Exploit DB
added 2011/07/08 12:0 a.m.760 views

phpMyAdmin3 (pma3) - Remote Code Execution

!/usr/bin/env python coding=utf-8 pma3 - phpMyAdmin3 remote code execute exploit Author: wofeiwo Thx Superhei Tested on: 3.1.1, 3.2.1, 3.4.3 CVE: CVE-2011-2505, CVE-2011-2506 Date: 2011-07-08 Have fun, DO NOT USE IT TO DO BAD THING. Requirements: 1. "config" directory must created&writeable in pm...

7.5CVSS6.6AI score0.12879EPSS
Exploits16
Packet Storm
Packet Storm
added 2011/07/08 12:0 a.m.62 views

phpMyAdmin 3.x Remote Code Execution

phpMyAdmin 3.x Multiple Remote Code Executions This post details a few interesting vulnerabilities I found while relaxing and reading the sourcecode of phpMyAdmin. My original advisory can be found here. If you would like me to audit your PHP project, check out Xxor's PHP code auditing service. T...

7.5CVSS0.12879EPSS
Exploits18
phpMyAdmin
phpMyAdmin
added 2011/07/02 12:0 a.m.57 views

Possible code injection in setup script in case session variables are compromised.

PMASA-2011-6 Announcement-ID: PMASA-2011-6 Date: 2011-07-02 Summary Possible code injection in setup script in case session variables are compromised. Description An unsanitized key from the Servers array is written in a comment of the generated config. An attacker can modify this key by modifyin...

7.5CVSS5.8AI score0.09626EPSS
Exploits14Affected Software1
Rows per page
Query Builder