Debian: Security Advisory (DLA-626-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2016-0291)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-6614

An issue was discovered in phpMyAdmin involving the %u username replacement functionality of the SaveDir and UploadDir features. When the username substitution is configured, a specially-crafted user name can be used to circumvent restrictions to traverse the file system. All 4.6.x versions prior...

CVE-2016-6614

CVE-2016-6614 affects phpMyAdmin and is caused by the %u username replacement used by SaveDir and UploadDir, enabling a specially crafted username to bypass file-system restrictions (Filesystem traversal). Affected versions: all 4.6.x prior to 4.6.4, all 4.4.x prior to 4.4.15.8, and all 4.0.x pri...

Debian DLA-626-1 : phpmyadmin security update

Phpmyadmin, a web administration tool for MySQL, had several vulnerabilities reported. CVE-2016-6606 A pair of vulnerabilities were found affecting the way cookies are stored. The decryption of the username/password is vulnerable to a padding oracle attack. The can allow an attacker who has acces...

Path traversal with SaveDir and UploadDir

PMASA-2016-37 Announcement-ID: PMASA-2016-37 Date: 2016-07-12 Summary Path traversal with SaveDir and UploadDir Description A vulnerability was reported with the %u username replacement functionality of the SaveDir and UploadDir features. When the username substitution is configured, a...