8 matches found
openSUSE Security Update : phpMyAdmin (openSUSE-2019-643)
This update for phpMyAdmin to version 4.8.3 addresses multiple issues. Security issues fixed : - CVE-2018-15605: vulnerability in the file import feature allowed cross-site scripting via importing a specially crafted file PMASA-2018-5, boo1105726 This update also contains a number of upstream bug...
Security update for phpMyAdmin (moderate)
This update for phpMyAdmin to version 4.8.3 addresses multiple issues. Security issues fixed: - CVE-2018-15605: vulnerability in the file import feature allowed cross-site scripting via importing a specially-crafted file PMASA-2018-5, boo1105726 This update also contains a number of upstream bug...
phpMyAdmin < 4.8.3 Vulnerability (PMASA-2018-5)
According to its self-reported version number, the phpMyAdmin application hosted on the remote web server is prior to 4.8.3. It is, therefore, affected by a cross-site Scripting vulnerability. Note that Nessus has not attempted to exploit these issues but has instead relied only on the...
Security update for phpMyAdmin (moderate)
This update for phpMyAdmin to version 4.8.3 addresses multiple issues. Security issues fixed: - CVE-2018-15605: vulnerability in the file import feature allowed cross-site scripting via importing a specially-crafted file PMASA-2018-5, boo1105726 This update also contains a number of upstream bug...
Security update for phpMyAdmin (moderate)
This update for phpMyAdmin to version 4.8.3 addresses multiple issues. Security issues fixed: - CVE-2018-15605: vulnerability in the file import feature allowed cross-site scripting via importing a specially-crafted file PMASA-2018-5, boo1105726 This update also contains a number of upstream bug...
openSUSE: Security Advisory for phpMyAdmin (openSUSE-SU-2018:2525-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2018-15605
CVE-2018-15605 affects phpMyAdmin prior to 4.8.3. A crafted file loaded via the import feature allows authenticated users to be subjected to a Cross‑Site Scripting (XSS) vulnerability. The issue arises in the file import handling and can be triggered during import of a specially crafted file. Pub...
XSS in the import dialog
PMASA-2018-5 Announcement-ID: PMASA-2018-5 Date: 2018-08-21 Summary XSS in the import dialog Description A Cross-Site Scripting vulnerability was found in the file import feature, where an attacker can deliver a payload to a user through importing a specially-crafted file. Severity We consider th...