Debian: Security Advisory (DLA-481-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 481-2] phpmyadmin regression update

Package : phpmyadmin Version : 4:3.4.11.1-2+deb7u4 CVE ID : CVE-2016-1927 CVE-2016-2038 CVE-2016-2039 CVE-2016-2040 CVE-2016-2041 CVE-2016-2045 CVE-2016-2560 Debian Bug : 825301 The previous security upload broke the search pages in phpMyAdmin. This was caused by a broken patch applied to fix...

Debian DLA-481-2 : phpmyadmin regression update

The previous security upload broke the search pages in phpMyAdmin. This was caused by a broken patch applied to fix CVE-2016-2040. For Debian 7 'Wheezy', these problems have been fixed in version 4:3.4.11.1-2+deb7u4. NOTE: Tenable Network Security has extracted the preceding description block...

[SECURITY] [DLA 481-1] phpmyadmin security update

Package : phpmyadmin Version : 4:3.4.11.1-2+deb7u3 CVE ID : CVE-2016-1927 CVE-2016-2038 CVE-2016-2039 CVE-2016-2040 CVE-2016-2041 CVE-2016-2045 CVE-2016-2560 This security update fixes a number of security issues in phpMyAdmin. We recommend you upgrade your phpmyadmin packages. CVE-2016-1927...

phpMyAdmin 4.0.x < 4.0.10.13 / 4.4.x < 4.4.15.3 / 4.5.x < 4.5.4 Multiple Vulnerabilities (PMASA-2016-1 - PMASA-2016-5)

Binary data 9115.prm...

phpMyAdmin Multiple Vulnerabilities -01 (Feb 2016)

phpMyAdmin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpmyadmin:phpmyadmin";...

CVE-2016-2040

CVE-2016-2040 is an XSS vulnerability in phpMyAdmin affecting multiple branches (4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, 4.5.x before 4.5.4) where remote authenticated users can inject arbitrary script via a Location header, as well as via table name, SET value, or search query. Connected ...

openSUSE Security Update : phpMyAdmin (openSUSE-2016-151)

This update to phpMyAdmin 4.4.15.4 fixes the following issues boo964024 - CVE-2016-2038: Multiple full path disclosure vulnerabilities - CVE-2016-2039: Unsafe generation of XSRF/CSRF token - CVE-2016-2040: Multiple XSS vulnerabilities - CVE-2016-1927: Insecure password generation in JavaScript -...

Updated phpmyadmin/phpseclib packages fix security vulnerability

Password suggestion functionality uses Math.random which does not provide cryptographically secure random numbers CVE-2016-1927. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full pa...

Multiple XSS vulnerabilities.

PMASA-2016-3 Announcement-ID: PMASA-2016-3 Date: 2016-01-24 Summary Multiple XSS vulnerabilities. Description With a crafted table name it is possible to trigger an XSS attack in the database search page. With a crafted SET value or a crafted search query, it is possible to trigger an XSS attacks...