CVE-2004-2630

The CVE-2004-2630 entry affects phpMyAdmin, specifically the MIME transformation system (transformations/text_plain__external.inc.php) in versions 2.5.0 through 2.6.0-pl1. The root cause is a vulnerability in the MIME-based transformation subsystem that lets remote attackers execute arbitrary she...

CVE-2004-2630

The MIME transformation system transformations/textplainexternal.inc.php in phpMyAdmin 2.5.0 up to 2.6.0-pl1 allows remote attackers to execute arbitrary commands via shell metacharacters in unspecified vectors...

CVE-2004-2631

Eval injection vulnerability in left.php in phpMyAdmin 2.5.1 up to 2.5.7, when LeftFrameLight is FALSE, allows remote attackers to execute arbitrary PHP code via a crafted table name...

CVE-2004-2631

Eval injection vulnerability in left.php in phpMyAdmin 2.5.1 up to 2.5.7, when LeftFrameLight is FALSE, allows remote attackers to execute arbitrary PHP code via a crafted table name...

CVE-2004-2632

phpMyAdmin 2.5.1 up to 2.5.7 allows remote attackers to modify configuration settings and gain unauthorized access to MySQL servers via modified $cfg'Servers' variables...

CVE-2005-3787

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.6.4-pl4 allow remote attackers to inject arbitrary web script or HTML via 1 the cookie-based login panel, 2 the title parameter and 3 the table creation dialog...

CVE-2005-3787

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.6.4-pl4 allow remote attackers to inject arbitrary web script or HTML via 1 the cookie-based login panel, 2 the title parameter and 3 the table creation dialog...

CVE-2005-3787

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.6.4-pl4 allow remote attackers to inject arbitrary web script or HTML via 1 the cookie-based login panel, 2 the title parameter and 3 the table creation dialog...

DEBIAN-CVE-2005-3787

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.6.4-pl4 allow remote attackers to inject arbitrary web script or HTML via 1 the cookie-based login panel, 2 the title parameter and 3 the table creation dialog...

CVE-2005-3787

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.6.4-pl4 allow remote attackers to inject arbitrary web script or HTML via 1 the cookie-based login panel, 2 the title parameter and 3 the table creation dialog...

CVE-2005-3787

CVE-2005-3787 concerns multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin prior to 2.6.4-pl4 . The issues allow remote attackers to inject arbitrary script/HTML via (1) the cookie-based login panel, (2) the title parameter, and (3) the table creation dialog. The connected documents...

CVE-2005-3787

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.6.4-pl4 allow remote attackers to inject arbitrary web script or HTML via 1 the cookie-based login panel, 2 the title parameter and 3 the table creation dialog...

XSS vulnerabilities

PMASA-2005-7 Announcement-ID: PMASA-2005-7 Date: 2005-11-23 Summary XSS vulnerabilities Description During the course of phpMyAdmin 2.6.4 development, some XSS vulnerabilities were fixed but were not documented here. The cookie-based login panel, the title parameter and the table creation dialog...

SUSE-SA:2005:066: phpMyAdmin

The remote host is missing the patch for the advisory SUSE-SA:2005:066 phpMyAdmin. The MySQL configuration frontend phpMyAdmin was updated to fix the following security problems which can be remotely exploited: - Multiple cross-site scripting XSS bugs CVE-2005-3301, CVE-2005-2869, PMASA-2005-5. -...

CVE-2005-3621

CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts...

CVE-2005-3621

CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts...

CVE-2005-3622

phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain the full path of the server via direct requests to multiple scripts in the libraries directory...

DEBIAN-CVE-2005-3621

CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts...

CVE-2005-3621

CRLF injection vulnerability in phpMyAdmin before 2.6.4-pl4 allows remote attackers to conduct HTTP response splitting attacks via unspecified scripts...

CVE-2005-3622

phpMyAdmin 2.7.0-beta1 and earlier allows remote attackers to obtain the full path of the server via direct requests to multiple scripts in the libraries directory...