openSUSE: Security Advisory for phpPgAdmin (openSUSE-SU-2022:10065-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Cross-site Request Forgery (CSRF)

phpPgAdmin is vulnerable to Cross-Site Request Forgery CSRF. The vulnerability is due to insufficient validation of the request source in the "database.php" area of phpPgAdmin. This allows sensitive actions to be performed without proper verification of the request's origin. A remote attacker can...

[SECURITY] [DLA 3644-1] phppgadmin security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3644-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb November 03, 2023 https://wiki.debian.org/LTS -...

Debian: Security Advisory (DLA-3644-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian dla-3644 : phppgadmin - security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3644 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3644-1 [email protected] https://www.debian.org/lts/security/...

DLA-3644-1 phppgadmin - security update

Bulletin has no description...

The vulnerability of the unserialize() function in the PostgreSQL administration web tool phpPgAdmin allows a attacker to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the unserialize function in the phpPgAdmin web administration tool for PostgreSQL is related to deficiencies in the deserialization mechanism. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected...

SUSE CVE-2023-40619

phpPgAdmin 7.14.4 and earlier is vulnerable to deserialization of untrusted data which may lead to remote code execution because user-controlled data is directly passed to the PHP 'unserialize' function in multiple places. An example is the functionality to manage tables in 'tables.php' where the...

CVE-2023-40619

phpPgAdmin 7.14.4 and earlier is vulnerable to deserialization of untrusted data which may lead to remote code execution because user-controlled data is directly passed to the PHP 'unserialize' function in multiple places. An example is the functionality to manage tables in 'tables.php' where the...

DEBIAN-CVE-2023-40619

phpPgAdmin 7.14.4 and earlier is vulnerable to deserialization of untrusted data which may lead to remote code execution because user-controlled data is directly passed to the PHP 'unserialize' function in multiple places. An example is the functionality to manage tables in 'tables.php' where the...

CVE-2023-40619

phpPgAdmin 7.14.4 and earlier is vulnerable to deserialization of untrusted data which may lead to remote code execution because user-controlled data is directly passed to the PHP 'unserialize' function in multiple places. An example is the functionality to manage tables in 'tables.php' where the...

CVE-2023-40619

phpPgAdmin 7.14.4 and earlier is vulnerable to deserialization of untrusted data which may lead to remote code execution because user-controlled data is directly passed to the PHP 'unserialize' function in multiple places. An example is the functionality to manage tables in 'tables.php' where the...

UBUNTU-CVE-2023-40619

phpPgAdmin 7.14.4 and earlier is vulnerable to deserialization of untrusted data which may lead to remote code execution because user-controlled data is directly passed to the PHP 'unserialize' function in multiple places. An example is the functionality to manage tables in 'tables.php' where the...

CVE-2023-40619

phpPgAdmin 7.14.4 and earlier is vulnerable to deserialization of untrusted data which may lead to remote code execution because user-controlled data is directly passed to the PHP 'unserialize' function in multiple places. An example is the functionality to manage tables in 'tables.php' where the...

Deserialization of untrusted data

phpPgAdmin 7.14.4 and earlier is vulnerable to deserialization of untrusted data which may lead to remote code execution because user-controlled data is directly passed to the PHP 'unserialize' function in multiple places. An example is the functionality to manage tables in 'tables.php' where the...

CVE-2023-40619

phpPgAdmin 7.14.4 and earlier is vulnerable to deserialization of untrusted data which may lead to remote code execution because user-controlled data is directly passed to the PHP 'unserialize' function in multiple places. An example is the functionality to manage tables in 'tables.php' where the...

phpPgAdmin Code Issues Vulnerabilities

phpPgAdmin is a software application. The premier web-based administration tool for postgresql. A security vulnerability exists in phpPgAdmin version 7.14.4 and earlier versions. An attacker can exploit the vulnerability to remotely execute code...

CVE-2023-40619

phpPgAdmin 7.14.4 and earlier is vulnerable to deserialization of untrusted data which may lead to remote code execution because user-controlled data is directly passed to the PHP 'unserialize' function in multiple places. An example is the functionality to manage tables in 'tables.php' where the...

CVE-2023-40619

The CVE-2023-40619 issue affects phpPgAdmin 7.14.4 and earlier, where untrusted data is deserialized (e.g., the ma[] POST parameter in tables.php) via PHP unserialize(), enabling remote code execution. Confirmed impact is remote code execution with high severity (CVSS 3.1: CRITICAL). Remediation ...

CVE-2023-40619

phpPgAdmin 7.14.4 and earlier is vulnerable to deserialization of untrusted data which may lead to remote code execution because user-controlled data is directly passed to the PHP 'unserialize' function in multiple places. An example is the functionality to manage tables in 'tables.php' where the...