6027 matches found
phpMyAdmin import_blacklist Variable Overwriting
The version of phpMyAdmin installed on the remote host fails to properly protect the global 'importblacklist' variable, which is used in the 'libraries/grabglobals.lib.php' script to protect global variables in its registerglobals emulation layer. An unauthenticated attacker can exploit this flaw...
CVE-2006-3388
Cross-site scripting XSS vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the table parameter...
CVE-2006-3388
Cross-site scripting XSS vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the table parameter...
CVE-2006-3388
Cross-site scripting XSS vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the table parameter...
DEBIAN-CVE-2006-3388
Cross-site scripting XSS vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the table parameter...
CVE-2006-3388
CVE-2006-3388 is an XSS vulnerability in phpMyAdmin prior to 2.8.2, allowing remote attackers to inject script via the table parameter. Several connected sources corroborate the same description and list upstream fixes via upgrades; SUSE/OSS advisories note a patch upgrading to 2.9.1.1 that fixes...
CVE-2006-3388
Cross-site scripting XSS vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the table parameter...
CVE-2006-3388
Cross-site scripting XSS vulnerability in phpMyAdmin before 2.8.2 allows remote attackers to inject arbitrary web script or HTML via the table parameter...
FreeBSD : phpmyadmin -- XSS vulnerability (229577a8-0936-11db-bf72-00046151137e)
phpmyadmin Site reports : It was possible to craft a request that contains XSS by attacking the 'table' parameter. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2018 Jacqu...
phpMyAdmin : Cross-Site Scripting Vulnerability
------------------------------------------------------------------- Security Advisory 3 ^ http://securitynews.ir/ Advisory Title: phpMyAdmin : Cross-Site Scripting Vulnerability @ Author : bug @ securitynews.ir $ Product Vendor : http://www.phpmyadmin.net/ . Affected Versions : 2.8.1 and maybe...
phpmyadmin -- cross site scripting vulnerability
phpmyadmin Site reports: It was possible to craft a request that contains XSS by attacking the "table" parameter...
XSS vulnerability
PMASA-2006-4 Announcement-ID: PMASA-2006-4 Date: 2006-06-30 Updated: 2006-07-01 Summary XSS vulnerability Description It was possible to craft a request that contains XSS by attacking the "table" parameter. Severity We consider this vulnerability to be serious. Affected Versions Some versions...
FreeBSD : phpmyadmin -- CSRF vulnerabilities (2ecd02e2-e864-11da-b9f4-00123ffe8333)
phpMyAdmin security team reports : It was possible to inject arbitrary SQL commands by forcing an authenticated user to follow a crafted link. Such issue is quite common in many PHP applications and users should take care what links they follow. We consider these vulnerabilities to be quite...
phpmyadmin -- XSRF vulnerabilities
phpMyAdmin security team reports: It was possible to inject arbitrary SQL commands by forcing an authenticated user to follow a crafted link. Such issue is quite common in many PHP applications and users should take care what links they follow. We consider these vulnerabilities to be quite...
XSRF vulnerabilities
PMASA-2006-3 Announcement-ID: PMASA-2006-3 Date: 2006-05-20 Summary XSRF vulnerabilities Description It was possible to inject arbitrary SQL commands by forcing an authenticated user to follow a crafted link. Severity Such issue is quite common in many PHP applications and users should take care...
DEBIAN-CVE-2006-2418
Cross-site scripting XSS vulnerabilities in certain versions of phpMyAdmin before 2.8.0.4 allow remote attackers to inject arbitrary web script or HTML via the db parameter in unknown scripts...
DEBIAN-CVE-2006-2417
Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031...
Cross site scripting
Cross-site scripting XSS vulnerabilities in certain versions of phpMyAdmin before 2.8.0.4 allow remote attackers to inject arbitrary web script or HTML via the db parameter in unknown scripts...
Cross site scripting
Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031...
CVE-2006-2417
Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031...