Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2016/07/18 12:0 a.m.41 views

Debian DLA-551-1 : phpmyadmin security update

Phpmyadmin, a web administration tool for MySQL, had several Cross Site Scripting XSS vulnerabilities were reported. CVE-2016-5731 With a specially crafted request, it is possible to trigger an XSS attack through the example OpenID authentication script. CVE-2016-5733 Several XSS vulnerabilities...

7.5CVSS7AI score0.02892EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2016/07/10 12:0 a.m.30 views

Fedora Update for phpMyAdmin FEDORA-2016-56ee5cb8b6

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.2AI score0.81373EPSS
Exploits8References2
Mageia
Mageia
added 2016/07/05 3:47 p.m.40 views

Updated phpmyadmin packages fix security vulnerability

In phpMyAdmin before 4.4.15.7, a vulnerability was discovered that allows a BBCode injection to setup script in case it's not accessed on https CVE-2016-5701. In phpMyAdmin before 4.4.15.7, a vulnerability was discovered that allows an SQL injection attack to run arbitrary commands as the control...

9.8CVSS0.3AI score0.02892EPSS
Exploits0References10
OpenVAS
OpenVAS
added 2016/07/04 12:0 a.m.46 views

phpMyAdmin Multiple Vulnerabilities (PMASA-2016-24, PMASA-2016-26, PMASA-2016-27, PMASA-2016-28) - Windows

phpMyAdmin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpmyadmin:phpmyadmin";...

9.8CVSS6.1AI score0.81373EPSS
Exploits8References4
OSV
OSV
added 2016/07/03 1:59 a.m.4 views

CVE-2016-5739

The Transformation implementation in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not use the no-referrer Content Security Policy CSP protection mechanism, which makes it easier for remote attackers to conduct CSRF attacks by reading an authentication toke...

7.5CVSS7.6AI score
Exploits0References8
CVE
CVE
added 2016/07/03 1:0 a.m.70 views

CVE-2016-5739

CVE-2016-5739 affects phpMyAdmin: Transformation feature vulnerability in 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3. Root cause is omission of no-referrer CSP, enabling CSRF token leakage via Referer header. Impact: potential exposure/read of authentication token enabl...

7.5CVSS8.4AI score0.02892EPSS
Exploits0References8Affected Software2
Tenable Nessus
Tenable Nessus
added 2016/06/29 12:0 a.m.38 views

openSUSE Security Update : phpMyAdmin (openSUSE-2016-804)

phpMyAdmin was updated to version 4.4.15.7 to fix eight security issues. These security issues were fixed : - CVE-2016-5701: BBCode injection vulnerability boo986154 - CVE-2016-5703: SQL injection attack boo986154 - CVE-2016-5705: Multiple XSS vulnerabilities boo986154 - CVE-2016-5706: DOS attack...

9.8CVSS6.6AI score0.02892EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2016/06/28 12:0 a.m.29 views

Fedora Update for phpMyAdmin FEDORA-2016-81c2dabf20

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.2AI score0.81373EPSS
Exploits8References2
ArchLinux
ArchLinux
added 2016/06/25 12:0 a.m.43 views

phpmyadmin: multiple issues

CVE-2016-5702 cookie attribute injection A vulnerability was found where, under some circumstances, an attacker can inject arbitrary values in the browser cookies. Only affected when PHPSELF is not set. - CVE-2016-5703 SQL injection A vulnerability was discovered that allows an SQL injection...

7.5CVSS0.8AI score0.02892EPSS
Exploits0References23
phpMyAdmin
phpMyAdmin
added 2016/06/23 12:0 a.m.33 views

Referrer leak in transformations

PMASA-2016-28 Announcement-ID: PMASA-2016-28 Date: 2016-06-23 Summary Referrer leak in transformations Description A vulnerability was reported where a specially crafted Transformation could be used to leak information including the authentication token. This could be used to direct a CSRF attack...

7.5CVSS7.1AI score0.02892EPSS
Exploits0Affected Software1
Rows per page
Query Builder