6027 matches found
phpMyAdmin -- multiple XSS vulnerabilities
phpMyAdmin development team reports: Firstly, if a row contains javascript code, after inline editing this row and saving, the code is executed. Secondly, missing sanitization on the db, table and column names leads to XSS vulnerabilities. Versions 3.4.0 to 3.4.4 were found vulnerable...
phpMyAdmin Tracking Feature Multiple Cross Site Scripting Vulnerabilities
phpMyAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
CVE-2011-3181
Multiple cross-site scripting XSS vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a 1 table name, 2 column name, or 3 index name...
DEBIAN-CVE-2011-3181
Multiple cross-site scripting XSS vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a 1 table name, 2 column name, or 3 index name...
CVE-2011-3181
Multiple cross-site scripting XSS vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a 1 table name, 2 column name, or 3 index name...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a 1 table name, 2 column name, or 3 index name...
CVE-2011-3181
Multiple cross-site scripting XSS vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a 1 table name, 2 column name, or 3 index name...
CVE-2011-3181
CVE-2011-3181 affects phpMyAdmin 3.3.x up to 3.3.10.3/3.3.10.4 and 3.4.x up to 3.4.3/3.4.4 in the Tracking feature. It allows remote XSS via table name, column name, or index name, enabling injection of arbitrary web script or HTML. Root cause: input vectors in Tracking parameter handling. Remedi...
CVE-2011-3181
Multiple cross-site scripting XSS vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a 1 table name, 2 column name, or 3 index name...
CVE-2011-3181
Multiple cross-site scripting XSS vulnerabilities in the Tracking feature in phpMyAdmin 3.3.x before 3.3.10.4 and 3.4.x before 3.4.4 allow remote attackers to inject arbitrary web script or HTML via a 1 table name, 2 column name, or 3 index name...
phpMyAdmin 3.3.x / 3.4.x < 3.3.10.4 / 3.4.4 XSS (PMASA-2011-13
The remote host contains a version of phpMyAdmin - 3.3.x less than 3.3.10.4 or 3.4.x less than 3.4.4 - that is affected by multiple cross-site scripting vulnerabilities. The data in the 'table', 'column', and 'index' variables of the script 'tbltracking.php' are not properly sanitized before bein...
phpMyAdmin跟踪功能多个跨站脚本漏洞
Bugtraq ID: 49306 CVE ID:CVE-2011-3181 phpMyAdmin存在多个安全漏洞,允许恶意用户进行脚本注入攻击。 部分传递给table, column和index名的输入在跟踪功能中使用前缺少过滤,可被利用注入任意HTML和脚本代码,当恶意数据被查看时可以目标用户浏览器安全上下文执行恶意代码。 phpMyAdmin 3.x 厂商解决方案 phpMyAdmin 3.4.4和3.3.10.4已经修复此漏洞,建议用户下载使用: http://www.phpmyadmin.net/...
Multiple XSS vulnerabilities in extension phpMyAdmin (phpmyadmin)
It has been discovered that the extension phpMyAdmin phpmyadmin is vulnerable to Cross-Site Scripting. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 4.11.3 and below Vulnerability Type: Multiple Cross-Site Scripti...
FreeBSD : phpMyAdmin -- multiple XSS vulnerabilities (75e26236-ce9e-11e0-b26a-00215c6a37bb)
The phpMyAdmin development team reports : Multiple XSS in the Tracking feature. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacques Vidrine and contributors...
phpMyAdmin -- multiple XSS vulnerabilities
The phpMyAdmin development team reports: Multiple XSS in the Tracking feature...
Multiple XSS in the Tracking feature.
PMASA-2011-13 Announcement-ID: PMASA-2011-13 Date: 2011-08-24 Summary Multiple XSS in the Tracking feature. Description Missing sanitization on the table, column and index names leads to XSS vulnerabilities. Severity We consider this vulnerability to be serious. Mitigation factor An attacker must...
Mandriva Update for phpmyadmin MDVSA-2011:124 (phpmyadmin)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Mandriva Update for phpmyadmin MDVSA-2011:124 (phpmyadmin)
Check for the Version of phpmyadmin OpenVAS Vulnerability Test Mandriva Update for phpmyadmin MDVSA-2011:124 phpmyadmin Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...
Fedora Update for phpMyAdmin FEDORA-2011-9725
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for phpMyAdmin FEDORA-2011-9734
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...