13 matches found
phpMyAdmin 4.9.0 < 4.9.6 / 5.0.0 < 5.0.3 Multiple Vulnerabilities (PMASA-2020-5, PMASA-2020-6)
According to its self-reported version, the phpMyAdmin application hosted on the remote web server is 4.9.x prior to 4.9.6 or 5.0.x prior to 5.0.3. It is, therefore, affected by multiple vulnerabilities. - phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the transformation feature...
USN-4639-1: phpMyAdmin vulnerabilities
It was discovered that there was a bug in the way phpMyAdmin handles the phpMyAdmin Configuration Storage tables. An authenticated attacker could use this vulnerability to cause phpmyAdmin to leak sensitive files. CVE-2018-19968 It was discovered that phpMyAdmin incorrectly handled user input. An...
phpMyAdmin < 4.9.6, 5.x < 5.0.3 Multiple Vulnerabilities (PMASA-2020-5, PMASA-2020-6) - Linux
phpMyAdmin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpmyadmin:phpmyadmin"; if...
openSUSE Security Update : phpMyAdmin (openSUSE-2020-1806)
This update for phpMyAdmin fixes the following issues : phpMyAdmin was updated to 4.9.7 boo1177842 : - Fix two factor authentication that was broken in 4.9.6 - Fix incompatibilities with older PHP versions Update to 4.9.6 : - Fixed XSS relating to the transformation feature boo1177561...
openSUSE: Security Advisory for phpMyAdmin (openSUSE-SU-2020:1806-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Debian: Security Advisory (DLA-2413-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2413-1] phpmyadmin security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2413-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA October 25, 2020 https://wiki.debian.org/LTS -...
Fedora: Security Advisory for phpMyAdmin (FEDORA-2020-eadda524a8)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for phpMyAdmin (FEDORA-2020-4e78c86902)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE: Security Advisory for phpMyAdmin (openSUSE-SU-2020:1675-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Updated phpmyadmin packages fix security vulnerabilities
A vulnerability was discovered where an attacker can cause an XSS attack through the transformation feature. If an attacker sends a crafted link to the victim with the malicious JavaScript, when the victim clicks on the link, the JavaScript will run and complete the instructions made by the...
CVE-2020-26934
phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the transformation feature via a crafted link...
CVE-2020-26934
CVE-2020-26934 affects phpMyAdmin prior to 4.9.6 and 5.x prior to 5.0.3, allowing cross-site scripting through the transformation feature when a crafted link is visited. The issue is documented across multiple advisories confirming an XSS payload via the transformation UI. Remediation shown in co...