CVE-2007-1634

Variable extraction vulnerability in grabglobals.php in Net Portal Dynamic System NPDS 5.10 and earlier allows remote attackers to conduct SQL injection attacks via the FILESDBtmpname parameter to print.php, which overwrites the $DB variable with dynamic variable evaluation...

FreeBSD : phpmyadmin -- register_globals emulation 'import_blacklist' manipulation (23afd91f-676b-11da-99f6-00123ffe8333)

Secunia reports : Stefan Esser has reported a vulnerability in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, and compromise a vulnerable system. The vulnerability is caused due to an error in the registerglobals...

CVE-2005-4079

The registerglobals emulation in phpMyAdmin 2.7.0 rc1 allows remote attackers to exploit other vulnerabilities in phpMyAdmin by modifying the importblacklist variable in grabglobals.php, which can then be used to overwrite other variables...

phpmyadmin -- register_globals emulation "import_blacklist" manipulation

Secunia reports: Stefan Esser has reported a vulnerability in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, and compromise a vulnerable system. The vulnerability is caused due to an error in the registerglobals...

CVE-2005-3300

The registerglobals emulation layer in grabglobals.php for phpMyAdmin before 2.6.4-pl3 does not perform safety checks on values in the FILES array for uploaded files, which allows remote attackers to include arbitrary files by using direct requests to library scripts that do not use...