CVE-2012-5368

CVE-2012-5368 affects phpMyAdmin 3.5.x before 3.5.3. An underlying root cause is that the JavaScript code loaded from phpmyadmin.net over non-SSL sessions can be modified in transit, enabling cross-site scripting (XSS) via MITM. Exploitation details are not provided in the documents. The practica...

FreeBSD Ports: phpMyAdmin

The remote host is missing an update to the system as announced in the referenced advisory. VID ef417da3-1640-11e2-999b-e0cb4e266481 OpenVAS Vulnerability Test $ Description: Auto generated from VID ef417da3-1640-11e2-999b-e0cb4e266481 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

FreeBSD Ports: phpMyAdmin

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Fetching the version information from a non-SSL site is vulnerable to a MITM attack.

PMASA-2012-7 Announcement-ID: PMASA-2012-7 Date: 2012-10-12 Summary Fetching the version information from a non-SSL site is vulnerable to a MITM attack. Description To display information about the current phpMyAdmin version on the main page, a piece of JavaScript is fetched from the phpmyadmin.n...