18 matches found
EUVD-2016-7525
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2014-8959
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory traversal vulnerability in libraries/gis/GISFactory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x...
SUSE CVE-2016-6607
XSS issues were discovered in phpMyAdmin. This affects Zoom search specially crafted column content can be used to trigger an XSS attack; GIS editor certain fields in the graphical GIS editor are not properly escaped and can be used to trigger an XSS attack; Relation view; the following...
ALPINE-CVE-2016-6607
XSS issues were discovered in phpMyAdmin. This affects Zoom search specially crafted column content can be used to trigger an XSS attack; GIS editor certain fields in the graphical GIS editor are not properly escaped and can be used to trigger an XSS attack; Relation view; the following...
UBUNTU-CVE-2016-6607
XSS issues were discovered in phpMyAdmin. This affects Zoom search specially crafted column content can be used to trigger an XSS attack; GIS editor certain fields in the graphical GIS editor are not properly escaped and can be used to trigger an XSS attack; Relation view; the following...
CVE-2016-6607
XSS issues were discovered in phpMyAdmin. This affects Zoom search specially crafted column content can be used to trigger an XSS attack; GIS editor certain fields in the graphical GIS editor are not properly escaped and can be used to trigger an XSS attack; Relation view; the following...
Design/Logic Flaw
XSS issues were discovered in phpMyAdmin. This affects Zoom search specially crafted column content can be used to trigger an XSS attack; GIS editor certain fields in the graphical GIS editor are not properly escaped and can be used to trigger an XSS attack; Relation view; the following...
CVE-2016-6607
XSS issues were discovered in phpMyAdmin. This affects Zoom search specially crafted column content can be used to trigger an XSS attack; GIS editor certain fields in the graphical GIS editor are not properly escaped and can be used to trigger an XSS attack; Relation view; the following...
CVE-2016-6607
phpMyAdmin is affected by CVE-2016-6607: XSS vulnerabilities in multiple components (Zoom search, GIS editor, relations view, various Transformations, XML/MediaWiki exports, Designer, etc.) due to improper escaping. Affected are phpMyAdmin 4.0.x before 4.0.10.17, 4.4.x before 4.4.15.8, and 4.6.x ...
DEBIAN-CVE-2014-8959
Directory traversal vulnerability in libraries/gis/GISFactory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allows remote authenticated users to include and execute arbitrary local files via a crafted geometry-type parameter...
CVE-2014-8959
Directory traversal vulnerability in libraries/gis/GISFactory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allows remote authenticated users to include and execute arbitrary local files via a crafted geometry-type parameter...
CVE-2014-8959
Directory traversal vulnerability in libraries/gis/GISFactory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allows remote authenticated users to include and execute arbitrary local files via a crafted geometry-type parameter...
Directory traversal
Directory traversal vulnerability in libraries/gis/GISFactory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allows remote authenticated users to include and execute arbitrary local files via a crafted geometry-type parameter...
CVE-2014-8959
Directory traversal vulnerability in libraries/gis/GISFactory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allows remote authenticated users to include and execute arbitrary local files via a crafted geometry-type parameter...
CVE-2014-8959
Directory traversal vulnerability in libraries/gis/GISFactory.class.php in the GIS editor in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allows remote authenticated users to include and execute arbitrary local files via a crafted geometry-type parameter...
FreeBSD : phpMyAdmin -- XSS and information disclosure vulnerabilities (a5d4a82a-7153-11e4-88c7-6805ca0b3d42)
The phpMyAdmin development team reports : - With a crafted database, table or column name it is possible to trigger an XSS attack in the table browse page. - With a crafted ENUM value it is possible to trigger XSS attacks in the table print view and zoom search pages. - With a crafted value for...
Local file inclusion vulnerability.
PMASA-2014-14 Announcement-ID: PMASA-2014-14 Date: 2014-11-20 Summary Local file inclusion vulnerability. Description In the GIS editor feature, a parameter specifying the geometry type was not correcly validated, opening the door to a local file inclusion attack. Severity We consider this...
phpMyAdmin -- XSS and information disclosure vulnerabilities
The phpMyAdmin development team reports: With a crafted database, table or column name it is possible to trigger an XSS attack in the table browse page. With a crafted ENUM value it is possible to trigger XSS attacks in the table print view and zoom search pages. With a crafted value for font siz...