CVE-2025-1106

A vulnerability classified as critical has been found in CmsEasy 7.7.7.9. This affects the function deletediraction/restoreaction in the library lib/admin/databaseadmin.php. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to...

CVE-2025-66237

DCIM dcTrack platforms utilize default and hard-coded credentials for access. An attacker could use these credentials to administer the database, escalate privileges on the platform or execute system commands on the host...

EUVD-2012-2987

Malware in sbrugna...

EUVD-2016-6369

Malware in sbrugna...

EUVD-2007-2154

Malware in sbrugna...

EUVD-2007-2155

Malware in sbrugna...

CVE-2025-55910

CMSEasy v7.7.8.0 and before is vulnerable to Arbitrary file deletion in databaseadmin.php...

CVE-2023-4092

SQL injection vulnerability in Arconte Áurea, in its 1.5.0.0 version. The exploitation of this vulnerability could allow an attacker to read sensitive data from the database, modify data insert/update/delete, perform database administration operations and, in some cases, execute commands on the...

Sql injection

SQL injection vulnerability in Arconte Áurea, in its 1.5.0.0 version. The exploitation of this vulnerability could allow an attacker to read sensitive data from the database, modify data insert/update/delete, perform database administration operations and, in some cases, execute commands on the...

iCMS 路径遍历漏洞

iCMS is a software application. It is an efficient and simple content management system built with PHP and MySQL. A path traversal vulnerability exists in iCMS v7.0.13, which allows remote attackers to delete a folder by injecting a command into a manual HTTP request to the "do del" method of the...

Jason2605 AdminPanel SQL Injection Vulnerability

Jason2605 AdminPanel is a database administration panel. Jason2605 AdminPanel suffers from a SQL injection vulnerability. The vulnerability stems from a database-based application that lacks validation of externally entered SQL statements. An attacker can exploit this vulnerability to execute...

[SECURITY] Fedora 28 Update: phpMyAdmin-4.8.0.1-1.fc28

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

[SECURITY] Fedora 26 Update: phpMyAdmin-4.7.7-1.fc26

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

[SECURITY] Fedora 22 Update: phpMyAdmin-4.5.1-1.fc22

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

[SECURITY] Fedora 20 Update: phpMyAdmin-4.2.7.1-1.fc20

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

SourceForge Investigates Backdoor Code Found in Copy of phpMyAdmin

The popular open-source repository SourceForge is investigating how a corrupted copy of phpMyAdmin came to be served from a Korean-based mirror. Logs indicate 400 users downloaded the malicious file before it was removed from rotation today. “One of the SourceForge.net mirrors, namely...

[SECURITY] Fedora 17 Update: phpMyAdmin-3.5.2.2-1.fc17

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

Dell KACE K2000 Appliance database administration account allows arbitrary command execution

Overview The Dell KACE K2000 System Deployment Appliance contains a vulnerability that could allow a remote attacker to execute arbitrary commands on an affected device. Description The Dell KACE K2000 Deployment Appliance is an integrated systems provisioning product for large-scale operating...

phpMyAdmin Closes Code Execution Holes

The phpMyAdmin developers have announced the release of version 3.3.5.1 and 2.11.10.1 of their database administration tool, security updates that fix one critical and several serious vulnerabilities. Read the full article. The H Security...

TYPO3 Security Bulletin

It has been discovered that the extension phpMyAdmin phpmyadmin is vulnerable to Broken Access Control. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 4.1.0 till 4.8.0 including Vulnerability Type: Broken Access...