Linux Distros Unpatched Vulnerability : CVE-2016-2044

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libraries/sql-parser/autoload.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted...

CVE-2016-2560

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted Host HTTP header, related to libraries/Config.class.php; 2 crafted JSON data, relat...

UBUNTU-CVE-2016-2043

Cross-site scripting XSS vulnerability in the goToFinish1NF function in js/normalization.js in phpMyAdmin 4.4.x before 4.4.15.3 and 4.5.x before 4.5.4 allows remote authenticated users to inject arbitrary web script or HTML via a table name to the normalization page...

CVE-2016-2045

CVE-2016-2045 affects phpMyAdmin 4.5.x before 4.5.4. An XSS vulnerability in the SQL editor allows remote authenticated users to inject arbitrary script/HTML via a SQL query that triggers JSON data in the response. Root cause is a cross-site scripting flaw in the SQL editor when handling crafted ...

XSS vulnerability in SQL editor.

PMASA-2016-9 Announcement-ID: PMASA-2016-9 Date: 2016-01-24 Summary XSS vulnerability in SQL editor. Description With a crafted SQL query, it is possible to trigger an XSS attack in the SQL editor. Severity We consider this vulnerability to be non-critical. Mitigation factor This vulnerability ca...