8 matches found
Debian DSA-2975-1 : phpmyadmin - security update
Several vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-4995 Authenticated users could inject arbitrary web script or HTML via a crafted SQL query. -...
[SECURITY] [DSA 2975-1] phpmyadmin security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2975-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst July 09, 2014 http://www.debian.org/security/faq -...
phpMyAdmin 3.5.x < 3.5.8.2 / 4.0.x < 4.0.4.2 Multiple Vulnerabilities (PMASA-2013-8 - PMASA-2013-15
According to its self-identified version number, the phpMyAdmin install hosted on the remote web server is 3.5.x earlier than 3.5.8.2 or 4.0.x earlier than 4.0.4.2. It is, therefore, affected by the following vulnerabilities : - Numerous input validation errors exist that could lead to cross-site...
CVE-2013-5002
Cross-site scripting XSS vulnerability in libraries/schema/ExportRelationSchema.class.php in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted pageNumber value to schemaexport.php...
DEBIAN-CVE-2013-5002
Cross-site scripting XSS vulnerability in libraries/schema/ExportRelationSchema.class.php in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted pageNumber value to schemaexport.php...
CVE-2013-5002
Cross-site scripting XSS vulnerability in libraries/schema/ExportRelationSchema.class.php in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted pageNumber value to schemaexport.php...
CVE-2013-5002
Cross-site scripting XSS vulnerability in libraries/schema/ExportRelationSchema.class.php in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allows remote authenticated users to inject arbitrary web script or HTML via a crafted pageNumber value to schemaexport.php...
CVE-2013-5002
Summary (CVE-2013-5002): phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 contain a cross-site scripting (XSS) vulnerability. An authenticated remote user can inject arbitrary web script or HTML via a crafted pageNumber value to schema_export.php. The issue arises in libraries/schema/Expo...