2 matches found
GHSA-WM9C-VCV2-VPQC phpMyAdmin full path disclosure vulnerability
phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to obtain sensitive information via vectors involving 1 an array value to FormDisplay.php, 2 incorrect data to validate.php, 3 unexpected data to Validator.php, 4 a missing config directory...
Ikiwiki 'openid_identifier' parameter cross-site scripting vulnerability
Ikiwiki is a wiki compiler that supports the conversion of wiki pages into HTML pages for web publishing. Ikiwiki handles a cross-site scripting vulnerability in the 'openididentifier' parameter, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code,...