8 matches found
USN-4639-1: phpMyAdmin vulnerabilities
It was discovered that there was a bug in the way phpMyAdmin handles the phpMyAdmin Configuration Storage tables. An authenticated attacker could use this vulnerability to cause phpmyAdmin to leak sensitive files. CVE-2018-19968 It was discovered that phpMyAdmin incorrectly handled user input. An...
Security update for phpMyAdmin (moderate)
openSUSE Security Update: Security update for phpMyAdmin Announcement ID: openSUSE-SU-2019:1861-1 Rating: moderate References: 1137496 1137497 Cross-References: CVE-2019-11768 CVE-2019-12616 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes two vulnerabilities is now available...
openSUSE Security Update : phpMyAdmin (openSUSE-2019-1689)
This update for phpMyAdmin fixes the following issues : phpMyAdmin was updated to 4.9.0.1 : - Several issues with SYSTEM VERSIONING tables - Fixed json encode error in export - Fixed JavaScript events not activating on input sql bookmark issue - Show Designer combo boxes when adding a constraint ...
phpMyAdmin < 4.8.6 SQL Injection Vulnerability (PMASA-2019-3) - Linux
phpMyAdmin is prone to an SQL injection vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpmyadmin:phpmyadmin"; if...
phpMyAdmin < 4.8.6 SQL Injection Vulnerability (PMASA-2019-3) - Windows
phpMyAdmin is prone to an SQL injection vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpmyadmin:phpmyadmin"; if...
CVE-2019-11768
An issue was discovered in phpMyAdmin before 4.9.0.1. A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature...
CVE-2019-11768
phpMyAdmin prior to 4.9.0.1 is affected by an SQL injection via the Designer feature triggered by a specially crafted database name. The issue is fixed in 4.9.0.1 (and later per advisories). Impact per sources includes potential high-severity consequences; upgrade to 4.9.0.1 or newer to remediate.
SQL injection in Designer feature
PMASA-2019-3 Announcement-ID: PMASA-2019-3 Date: 2019-05-06 Summary SQL injection in Designer feature Description A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature. Severity We consider this vulnerabili...