Lucene search
K

6027 matches found

Cvelist
Cvelist
added 2016/03/01 11:0 a.m.36 views

CVE-2016-2560

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted Host HTTP header, related to libraries/Config.class.php; 2 crafted JSON data, relat...

6.4AI score0.03109EPSS
Exploits0References11
CVE
CVE
added 2016/03/01 11:0 a.m.71 views

CVE-2016-2561

CVE-2016-2561 affects phpMyAdmin 4.4.x before 4.4.15.5 and 4.5.x before 4.5.5.1, allowing remote authenticated users to inject arbitrary web script/HTML via multiple vectors (notably normalization.php, js/normalization.js, sortable_header.phtml, and the pos parameter to db_central_columns.php). T...

5.4CVSS5.5AI score0.02468EPSS
Exploits0References12Affected Software1
CVE
CVE
added 2016/03/01 11:0 a.m.97 views

CVE-2016-2559

CVE-2016-2559 affects phpMyAdmin 4.5.x prior to 4.5.5.1, where the XSS flaw lies in the format function of libraries/sql-parser/src/Utils/Error.php. Exploitation requires an authenticated user to issue a crafted query, enabling injection of script/HTML. The CVSS/metrics indicate a Medium severity...

5.4CVSS5.4AI score0.01712EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2016/03/01 11:0 a.m.25 views

CVE-2016-2560

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted Host HTTP header, related to libraries/Config.class.php; 2 crafted JSON data, relat...

6.1CVSS6.8AI score0.03109EPSS
Exploits0
CVE
CVE
added 2016/03/01 11:0 a.m.83 views

CVE-2016-2562

CVE-2016-2562 affects phpMyAdmin 4.5.x before 4.5.5.1. The checkHTTP function in libraries/Config.class.php does not verify X.509 certificates from api.github.com SSL servers, enabling MITM spoofing and potential leakage of sensitive data via a crafted certificate. Connected sources (NVD/PMASA) c...

6.8CVSS6AI score0.00772EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2016/03/01 11:0 a.m.81 views

CVE-2016-2560

The CVE-2016-2560 issue affects phpMyAdmin series: 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1. The vulnerability consists of multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary web script or HTML through several vectors (crafted H...

6.1CVSS6.2AI score0.03109EPSS
Exploits0References11Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/03/01 12:0 a.m.30 views

FreeBSD : phpmyadmin -- multiple XSS and a man-in-the-middle vulnerability (f682a506-df7c-11e5-81e4-6805ca0b3d42)

The phpMyAdmin development team reports : XSS vulnerability in SQL parser. Using a crafted SQL query, it is possible to trigger an XSS attack through the SQL query page. We consider this vulnerability to be non-critical. Multiple XSS vulnerabilities. By sending a specially crafted URL as part of...

6.8CVSS6.4AI score0.03109EPSS
Exploits0References9
F5 Networks
F5 Networks
added 2016/02/29 12:0 a.m.41 views

SOL93445609 - phpMyAdmin vulnerabilities

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

7.5CVSS2.6AI score0.02688EPSS
Exploits0References4
FreeBSD
FreeBSD
added 2016/02/29 12:0 a.m.30 views

phpmyadmin -- multiple XSS and a man-in-the-middle vulnerability

The phpMyAdmin development team reports: XSS vulnerability in SQL parser. Using a crafted SQL query, it is possible to trigger an XSS attack through the SQL query page. We consider this vulnerability to be non-critical. Multiple XSS vulnerabilities. By sending a specially crafted URL as part of t...

6.8CVSS1.4AI score0.03109EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/02/26 12:0 a.m.85 views

phpMyAdmin 4.4.x < 4.4.15.3 / 4.5.x < 4.5.4 Multiple Vulnerabilities (PMASA-2016-6, PMASA-2016-7)

According to its self-reported version number, the phpMyAdmin application hosted on the remote web server is 4.4.x prior to 4.4.15.3 or 4.5.x prior to 4.5.4. It is, therefore, affected by the following vulnerabilities : - An information disclosure vulnerability exists in the AES.php and...

5.4CVSS6.6AI score0.02383EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/02/26 12:0 a.m.34 views

phpMyAdmin 4.0.x < 4.0.10.13 / 4.4.x < 4.4.15.3 / 4.5.x < 4.5.4 Multiple Vulnerabilities (PMASA-2016-1 - PMASA-2016-5)

According to its self-reported version number, the phpMyAdmin application hosted on the remote web server is 4.0.x prior to 4.0.10.13, 4.4.x prior to 4.4.15.3, or 4.5.x prior to 4.5.4. It is, therefore, affected by the following vulnerabilities : - A security bypass vulnerability exists due to th...

7.5CVSS6.9AI score0.02688EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2016/02/25 12:0 a.m.9 views

phpMyAdmin Detection

Binary data 9102.prm...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/02/25 12:0 a.m.23 views

phpMyAdmin 4.0.x < 4.0.10.9 / 4.2.x < 4.2.13.2 / 4.3.x < 4.3.11.1 Information Disclosure Vulnerability (PMASA-2015-1)

Binary data 9103.prm...

5CVSS7.3AI score0.03263EPSS
Exploits0References5
phpMyAdmin
phpMyAdmin
added 2016/02/25 12:0 a.m.36 views

Vulnerability allowing man-in-the-middle attack on API call to GitHub.

PMASA-2016-13 Announcement-ID: PMASA-2016-13 Date: 2016-02-25 Summary Vulnerability allowing man-in-the-middle attack on API call to GitHub. Description A vulnerability in the API call to GitHub can be exploited to perform a man-in-the-middle attack. Severity We consider this vulnerability to be...

6.8CVSS6.7AI score0.00772EPSS
Exploits0Affected Software1
phpMyAdmin
phpMyAdmin
added 2016/02/25 12:0 a.m.37 views

Multiple XSS vulnerabilities.

PMASA-2016-12 Announcement-ID: PMASA-2016-12 Date: 2016-02-25 Summary Multiple XSS vulnerabilities. Description With a crafted table/column name it is possible to trigger an XSS attack in the database normalization page. With a crafted parameter it is possible to trigger an XSS attack in the...

5.4CVSS6.5AI score0.02468EPSS
Exploits0Affected Software1
phpMyAdmin
phpMyAdmin
added 2016/02/25 12:0 a.m.38 views

XSS vulnerability in SQL parser.

PMASA-2016-10 Announcement-ID: PMASA-2016-10 Date: 2016-02-25 Summary XSS vulnerability in SQL parser. Description Using a crafted SQL query, it is possible to trigger an XSS attack through the SQL query page. Severity We consider this vulnerability to be non-critical. Mitigation factor This...

5.4CVSS6.6AI score0.01712EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/02/25 12:0 a.m.37 views

phpMyAdmin 4.3.x < 4.3.13.2 / 4.4.x < 4.4.14.1 reCaptcha Bypass (PMASA-2015-4)

Binary data 9105.prm...

5CVSS7.3AI score0.0979EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2016/02/25 12:0 a.m.37 views

phpMyAdmin 4.0.x < 4.0.10.10 / 4.2.x < 4.2.13.3 / 4.3.x < 4.3.13.1 / 4.4.x < 4.4.6.1 Multiple Vulnerabilities (PMASA-2015-2, PMASA-2015-3)

Binary data 9104.prm...

6.8CVSS6.7AI score0.01597EPSS
Exploits1References12
phpMyAdmin
phpMyAdmin
added 2016/02/25 12:0 a.m.35 views

Multiple XSS vulnerabilities.

PMASA-2016-11 Announcement-ID: PMASA-2016-11 Date: 2016-02-25 Summary Multiple XSS vulnerabilities. Description By sending a specially crafted URL as part of the HOST header, it is possible to trigger an XSS attack. A weakness was found that allows an XSS attack with Internet Explorer versions...

6.1CVSS6.7AI score0.03109EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2016/02/23 12:0 a.m.36 views

phpMyAdmin Multiple Vulnerabilities -01 (Feb 2016)

phpMyAdmin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpmyadmin:phpmyadmin";...

7.5CVSS6.5AI score0.02688EPSS
Exploits0References10
Rows per page
Query Builder