6027 matches found
Cross site scripting
Cross-site scripting XSS vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when logins are authenticated with the cookie authtype, allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter to index.php, a different vulnerability...
DEBIAN-CVE-2007-6100
Cross-site scripting XSS vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when logins are authenticated with the cookie authtype, allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter to index.php, a different vulnerability...
CVE-2007-6100
Cross-site scripting XSS vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when logins are authenticated with the cookie authtype, allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter to index.php, a different vulnerability...
CVE-2007-6100
Cross-site scripting XSS vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when logins are authenticated with the cookie authtype, allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter to index.php, a different vulnerability...
CVE-2007-6100
Cross-site scripting XSS vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when logins are authenticated with the cookie authtype, allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter to index.php, a different vulnerability...
CVE-2007-6100
CVE-2007-6100 is a cross-site scripting (XSS) vulnerability in phpMyAdmin prior to 2.11.2.2. The flaw occurs in libraries/auth/cookie.auth.lib.php where, when logins use cookie auth_type, an attacker can inject script via the convcharset parameter to index.php. The issue affects phpMyAdmin versio...
phpMyAdmin登录页跨站脚本漏洞
phpMyAdmin是一款基于WEB的MySQL管理程序。 phpMyAdmin登录页不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行跨站脚本攻击,可获得敏感信息或未授权访问应用程序。 问题是登录页authtype cookie存在输入验证问题,通过提交恶意脚本代码作为convcharset参数数据,可导致恶意脚本代码在浏览器上执行,可获得敏感信息或未授权访问应用程序。 phpMyAdmin phpMyAdmin 2.11.1 phpMyAdmin phpMyAdmin 2.9.1 phpMyAdmin phpMyAdmin 2.9 rc1 phpMyAdmin...
[SECURITY] Fedora 7 Update: phpMyAdmin-2.11.2.2-1.fc7
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats a nd ...
[SECURITY] Fedora 8 Update: phpMyAdmin-2.11.2.2-1.fc8
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats a nd ...
[SECURITY] Fedora 8 Update: phpMyAdmin-2.11.2.1-1.fc8
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats a nd ...
[SECURITY] Fedora 7 Update: phpMyAdmin-2.11.2.1-1.fc7
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats a nd ...
[ MDKSA-2007:229 ] - Updated phpMyAdmin packages fix multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2007:229 http://www.mandriva.com/security/ Package : phpMyAdmin Date : November 20, 2007 Affected: Corporate 4.0 Problem Description: A few vulnerabilities and security-related issues have been fixed in phpMyAdmi...
XSS vulnerability
PMASA-2007-8 Announcement-ID: PMASA-2007-8 Date: 2007-11-20 Summary XSS vulnerability Description We received an advisory from Tim Brown, Nth Dimension, and we wish to thank him for his work. The login page authtype cookie was vulnerable to XSS via the convcharset parameter. Severity We consider...
phpmyadmin -- Cross Site Scripting
phpMyAdmin security announcement: The login page authtype cookie was vulnerable to XSS via the convcharset parameter. An attacker could use this to execute malicious code on the visitors computer...
CVE-2007-5977
Cross-site scripting XSS vulnerability in dbcreate.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than...
Sql injection
SQL injection vulnerability in dbcreate.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter...
CVE-2007-5976
SQL injection vulnerability in dbcreate.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter...
DEBIAN-CVE-2007-5976
SQL injection vulnerability in dbcreate.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter...
CVE-2007-5976
SQL injection vulnerability in dbcreate.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to execute arbitrary SQL commands via the db parameter...
CVE-2007-5977
Cross-site scripting XSS vulnerability in dbcreate.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than...