Lucene search
K

12 matches found

Ubuntu
Ubuntu
added 2020/11/19 3:1 p.m.305 views

USN-4639-1: phpMyAdmin vulnerabilities

It was discovered that there was a bug in the way phpMyAdmin handles the phpMyAdmin Configuration Storage tables. An authenticated attacker could use this vulnerability to cause phpmyAdmin to leak sensitive files. CVE-2018-19968 It was discovered that phpMyAdmin incorrectly handled user input. An...

9.8CVSS7.1AI score0.67081EPSS
Exploits10
Check Point Advisories
Check Point Advisories
added 2019/11/21 12:0 a.m.6 views

phpMyAdmin Navigation-Tree Stored Cross-Site Scripting (CVE-2018-19970)

A stored cross-site scripting vulnerability exists in phpMyAdmin. The vulnerability is due to insufficient input validation in the web-based management interface. Successful exploitation could result in execution of arbitrary script on the affected system...

4.3CVSS2.7AI score0.02596EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2019/03/27 12:0 a.m.37 views

openSUSE Security Update : phpMyAdmin (openSUSE-2019-1009)

This update for phpMyAdmin fixes security issues and bugs. Security issues addressed in the 4.8.4 release bsc1119245 : - CVE-2018-19968: Local file inclusion through transformation feature - CVE-2018-19969: XSRF/CSRF vulnerability - CVE-2018-19970: XSS vulnerability in navigation tree This update...

8.8CVSS7.1AI score0.03254EPSS
Exploits0References4
Debian
Debian
added 2019/02/01 10:54 p.m.180 views

[SECURITY] [DLA 1658-1] phpmyadmin security update

Package : phpmyadmin Version : 4:4.2.12-2+deb8u4 CVE ID : CVE-2018-19968 CVE-2018-19970 A couple of vulnerabilities have been discovered in phpmyadmin, MySQL web administration tool. CVE-2018-19968 An attacker can exploit phpMyAdmin before 4.8.4 to leak the contents of a local file because of an...

6.5CVSS6.8AI score0.03254EPSS
Exploits0
OpenVAS
OpenVAS
added 2018/12/18 12:0 a.m.38 views

openSUSE: Security Advisory for phpMyAdmin (openSUSE-SU-2018:4124-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS6.8AI score0.03254EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/12/18 12:0 a.m.24 views

openSUSE: Security Advisory for phpMyAdmin (openSUSE-SU-2018:4124-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS6.8AI score0.03254EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2018/12/14 6:10 p.m.166 views

Security update for phpMyAdmin (moderate)

This update for phpMyAdmin fixes security issues and bugs. Security issues addressed in the 4.8.4 release bsc1119245: - CVE-2018-19968: Local file inclusion through transformation feature - CVE-2018-19969: XSRF/CSRF vulnerability - CVE-2018-19970: XSS vulnerability in navigation tree This update...

0.3AI score0.03254EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2018/12/12 12:0 a.m.45 views

phpMyAdmin 4.x < 4.8.4 Multiple Vulnerabilities (PMASA-2018-6, PMASA-2018-8) - Windows

phpMyAdmin is prone to multiple security vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.9AI score0.03254EPSS
Exploits0References2
OSV
OSV
added 2018/12/11 5:29 p.m.24 views

CVE-2018-19970

In phpMyAdmin before 4.8.4, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted database/table name...

6.1CVSS5.8AI score
Exploits0References4
CVE
CVE
added 2018/12/11 5:0 p.m.155 views

CVE-2018-19970

Affected product: phpMyAdmin. Vulnerability: CVE-2018-19970 is a stored XSS in the navigation tree triggered by crafted database/table names in phpMyAdmin before version 4.8.4. Root cause: insufficient input handling in the navigation UI allows injecting script that can be executed in a user’s br...

6.1CVSS5.9AI score0.02596EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/12/11 12:0 a.m.85 views

phpMyAdmin 4.x < 4.8.4 Multiple Vulnerabilities (PMASA-2018-6) (PMASA-2018-8)

According to its self-reported version number, the phpMyAdmin application hosted on the remote web server is 4.x prior to 4.8.4. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file read vulnerability exists in the transformation feature. An authenticated, remote attacker c...

6.5CVSS7.2AI score0.03254EPSS
Exploits0References4
phpMyAdmin
phpMyAdmin
added 2018/12/07 12:0 a.m.46 views

XSS vulnerability in navigation tree

PMASA-2018-8 Announcement-ID: PMASA-2018-8 Date: 2018-12-07 Summary XSS vulnerability in navigation tree Description A Cross-Site Scripting vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a specially-crafted database/table name. Severity W...

6.1CVSS6.8AI score0.02596EPSS
Exploits0Affected Software1
Rows per page
Query Builder