UBUNTU-CVE-2019-10784

phppgadmin through 7.12.1 allows sensitive actions to be performed without validating that the request originated from the application. One such area, "database.php" does not verify the source of an HTTP request. This can be leveraged by a remote attacker to trick a logged-in administrator to vis...

CVE-2019-10784

phppgadmin through 7.12.1 allows sensitive actions to be performed without validating that the request originated from the application. One such area, "database.php" does not verify the source of an HTTP request. This can be leveraged by a remote attacker to trick a logged-in administrator to vis...

CVE-2019-10784

CVE-2019-10784 affects phpPgAdmin up to version 7.12.1. The issue is an improper source validation in the application, notably in database.php, enabling CSRF abuse that could let a remote attacker trick an authenticated administrator into visiting a malicious page and execute arbitrary system com...

CVE-2019-10784

phppgadmin through 7.12.1 allows sensitive actions to be performed without validating that the request originated from the application. One such area, "database.php" does not verify the source of an HTTP request. This can be leveraged by a remote attacker to trick a logged-in administrator to vis...

Cross-site Request Forgery (CSRF)

Overview phppgadmin/phppgadmin is a web-based administration tool for PostgreSQL. It is perfect for PostgreSQL DBAs, newbies, and hosting services. Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF. Multiple areas within the application allows sensitive actions t...

RATELIMITED: Information Disclosure PHPpgAdmin

PHPpgAdmin is a piece of script which allows system administrators to manage their Postgres databases easily from a webUI. We had forgotten to limit access to this script, resulting in the ability for a brute-force attack to happen...

phpPgAdmin 4.1.1 SQLEDIT.PHP Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24115/info phpPgAdmin is prone to a cross-site scripting vulnerability. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected...

phpPgAdmin <= 4.1.1 Redirect.PHP Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24182/info phpPgAdmin is prone to a cross-site scripting vulnerability. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected...

phpPgAdmin 3.x Login Form Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14142/info phpPgAdmin is prone to a directory traversal vulnerability. The application fails to filter directory traversal sequences from requests to the login form. All versions of phpPgAdmin are considered to be...

phpPgAdmin <= 4.2.1 (_language) Local File Inclusion Vulnerability

No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP YmmMMMM MMM YM Discovered by dun \ dunatstrcpy.pl phpPgAdmin = 4.2.1 Local File Inclusion Vulnerability Script: phpPgAdmin is a web-based administratio...

openSUSE Security Update : phpPgAdmin (openSUSE-SU-2012:0493-1)

update to 5.0.4, fix for bnc754694 CVE-2012-1600 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-219. The text description of this plugin is C SUSE LLC...

DEBIAN-CVE-2012-1600

Multiple cross-site scripting XSS vulnerabilities in functions.php in phpPgAdmin before 5.0.4 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 type of a function...

CVE-2012-1600

Multiple cross-site scripting XSS vulnerabilities in functions.php in phpPgAdmin before 5.0.4 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 type of a function...

CVE-2012-1600

Multiple cross-site scripting XSS vulnerabilities in functions.php in phpPgAdmin before 5.0.4 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 type of a function...

CVE-2012-1600

Multiple cross-site scripting XSS vulnerabilities in functions.php in phpPgAdmin before 5.0.4 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 type of a function...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in functions.php in phpPgAdmin before 5.0.4 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 type of a function...

CVE-2012-1600

Multiple cross-site scripting XSS vulnerabilities in functions.php in phpPgAdmin before 5.0.4 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 type of a function...

CVE-2012-1600

Multiple cross-site scripting (XSS) vulnerabilities affect phpPgAdmin in the PHP file functions.php, exploitable before version 5.0.4 via the (1) name or (2) type of a function. The issue allows remote attackers to inject arbitrary web script or HTML. Affected product: phpPgAdmin; vulnerable comp...

CVE-2012-1600

Multiple cross-site scripting XSS vulnerabilities in functions.php in phpPgAdmin before 5.0.4 allow remote attackers to inject arbitrary web script or HTML via the 1 name or 2 type of a function...

Fedora Update for phpPgAdmin FEDORA-2011-13748

Check for the Version of phpPgAdmin OpenVAS Vulnerability Test Fedora Update for phpPgAdmin FEDORA-2011-13748 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...