phpmyadminall-xss.txt

Author : Hadi Kiamarsi ------------------------------------------- Discovered by : Hadi Kiamarsi ------------------------------------------- Exploited By : Hadi Kiamarsi ------------------------------------------- E-Mail : hadikiamarsiathotmail.com ------------------------------------------- web...

phpMyAdmin 3.0.1 - 'pmd_pdf.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/31928/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context...

phpMyAdmin setup.php文件跨站脚本执行漏洞

BugCVE: CVE-2008-3456,CVE-2008-3457 BUGTRAQ: 30420 phpMyAdmin的scripts/setup.php文件中showoverview $title, $list, $buttons = ''函数没有正确地过滤685行echo $val1输入参数便返回给了用户，如果用户受骗跟随了恶意链接的话就会导致在用户浏览器会话中执行任意HTML和脚本代码。 phpMyAdmin 2.11.8 Debian ------ Debian已经为此发布了一个安全公告（DSA-1641-1）以及相应补丁: DSA-1641-1：New phpmyadmin...

phpMyAdmin执行任意命令漏洞

BugCVE: CAN-2001-1060 BUGTRAQ: 3121 phpMyAdmin中存在一个输入验证错误，允许远程攻击者执行任意命令。攻击者可能获取 敏感信息或者以httpd运行身份执行任意命令。 问题处在'tblcopy.php' 和 'tblrename.php'中的下列代码中: tblcopy.php: eval $message = \ $strCopyTableOK\ ; ; tblrename.php: eval $message = \ $strRenameTableOK\ ; ; 如果用户可以控制$strCopyTableOK 或...

phpMyAdmin Theme变量本地文件包含漏洞

BUGTRAQ: 15169 phpMyAdmin在grabglobals.php中提供了registerglobals模拟层以确保同禁用了该功能的主机兼容。这个文件通常包含在最开端，这样在全局化请求变量时不会覆盖已在使用的脚本变量。 但phpMyAdmin还捆绑了一些不应直接调用的文件，以及一些在开端没有包含grabglobals.php但包含了common.lib.php的文件，可能导致如下所示的包含树： - dbdetailsdbinfo.php \ libraries/common.lib.php \ libraries/selectlang.lib.php \ ...

phpMyAdmin Import_Blacklist变量覆盖漏洞

BugCVE: CVE-2005-4079 BUGTRAQ: 15761 phpMyAdmin对某些变量的处理上存在漏洞，远程攻击者可能利用此漏洞在主机上执行任意命令。 phpMyAdmin将不应该被registerglobals仿真层覆盖的变量黑名单存储在全局变量中，但却没有包含$importblacklist变量名，因此攻击者可以覆盖该变量。如果覆盖了该变量的话，攻击者就可以用任意内容覆盖$GLOBALS数组，导致执行任意代码。 phpMyAdmin phpMyAdmin 2.7/2.7.0 beta1 phpMyAdmin ----------...

PHPMyAdmin明文密码存储漏洞

BUGTRAQ: 7965 phpMyAdmin以明文格式存储密码，本地攻击者可以用这个漏洞获得Cookie文件中的密码信息，控制phpMyAdmin应用系统。 phpMyAdmin没有使用任何类似BASE64/RadiX64的编码形式，只是简单的把用户数据如用户名和密码以明文方式存储在Cookie文件中，如： pmacookieusername=UserName; lang=language-iso-8859-1; pmacookiepassword=your password 任意本地用户或者远程用户通过跨站脚本执行攻击，可以Cookie信息获得敏感用户信息，从而控制系统。...

phpMyAdmin嵌入文件任意命令执行漏洞

BUGTRAQ: 2966 phpMyAdmin是一个免费的WWW界面的mysql数据库管理工具。由于sql.php没有充分对用户的输入进行验证，导致攻击者可能在该脚本中嵌入任意文件，这可能会导致系统敏感信息的泄露或者是任意命令的执行 2.1 临时解决方法： 安装Secure Reality公司发布的补丁程序： Secure Reality patch 2.2.1 phpMyAdmin-SecureReality.diff http://www.securereality.com.au/patches/phpMyAdmin-SecureReality.diff 厂商补丁：...

phpMyAdmin登录页面跨站脚本漏洞

BugCVE: CVE-2007-6100 BUGTRAQ: 26513 phpMyAdmin处理用户请求时存在输入验证漏洞，远程攻击者可能利用此漏洞在用户浏览器中执行恶意代码。 phpMyAdmin登录页面的index.php文件中没有验证对convcharset参数的输入，如果用户提交了恶意的URL请求的话就可能导致执行跨站脚本。 $ grep -n convcharset libraries/auth/cookie.auth.lib.php 48: @uses $GLOBALS'convcharset' 236: input type="hidden"...

phpMyAdmin Detection (HTTP)

HTTP based detection of phpMyAdmin. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.900129";...

phpMyAdmin Cross-Site Scripting Vulnerability

phpMyAdmin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

phpMyAdmin 'server_databases.php' RCE Vulnerability

phpMyAdmin is prone to a remote command execution RCE vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

DEBIAN-CVE-2008-4326

The PMAescapeJsString function in libraries/jsescape.lib.php in phpMyAdmin before 2.11.9.2, when Internet Explorer is used, allows remote attackers to bypass cross-site scripting XSS protection mechanisms and conduct XSS attacks via a NUL byte inside a "/script" sequence...

CVE-2008-4326

The PMAescapeJsString function in libraries/jsescape.lib.php in phpMyAdmin before 2.11.9.2, when Internet Explorer is used, allows remote attackers to bypass cross-site scripting XSS protection mechanisms and conduct XSS attacks via a NUL byte inside a "/script" sequence...

CVE-2008-4326

The PMAescapeJsString function in libraries/jsescape.lib.php in phpMyAdmin before 2.11.9.2, when Internet Explorer is used, allows remote attackers to bypass cross-site scripting XSS protection mechanisms and conduct XSS attacks via a NUL byte inside a "/script" sequence...

Cross site scripting

The PMAescapeJsString function in libraries/jsescape.lib.php in phpMyAdmin before 2.11.9.2, when Internet Explorer is used, allows remote attackers to bypass cross-site scripting XSS protection mechanisms and conduct XSS attacks via a NUL byte inside a "/script" sequence...

CVE-2008-4326

The PMAescapeJsString function in libraries/jsescape.lib.php in phpMyAdmin before 2.11.9.2, when Internet Explorer is used, allows remote attackers to bypass cross-site scripting XSS protection mechanisms and conduct XSS attacks via a NUL byte inside a "/script" sequence...

CVE-2008-4326

The PMAescapeJsString function in libraries/jsescape.lib.php in phpMyAdmin before 2.11.9.2, when Internet Explorer is used, allows remote attackers to bypass cross-site scripting XSS protection mechanisms and conduct XSS attacks via a NUL byte inside a "/script" sequence...

CVE-2008-4326

The PMAescapeJsString function in libraries/jsescape.lib.php in phpMyAdmin before 2.11.9.2, when Internet Explorer is used, allows remote attackers to bypass cross-site scripting XSS protection mechanisms and conduct XSS attacks via a NUL byte inside a "/script" sequence...

CVE-2008-4326

The CVE-2008-4326 vulnerability affects phpMyAdmin prior to 2.11.9.2 and arises from the PMA_escapeJsString function in libraries/js_escape.lib.php. When used with Internet Explorer, this allows remote XSS via a NUL byte inside a sequence, bypassing XSS protections. Public references in Debian/O...