292 matches found
phpPgAdmin <= 4.2.1 (_language) Local File Inclusion Vulnerability
No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl phpPgAdmin = 4.2.1 Local File Inclusion Vulnerability Script: "phpPgAdmin is a web-based...
phpPgAdmin index.php _language Parameter Local File Inclusion
The remote host is running phpPgAdmin, a web-based administration tool for PostgreSQL. The installed version of phpPgAdmin fails to filter user-supplied input to the 'language' parameter before using it to include PHP code in 'libraries/lib.inc.php'. Provided PHP's 'registerglobals' setting is...
phppgadmin -- directory traversal with register_globals enabled
Secunia reports: Dun has discovered a vulnerability in phpPgAdmin, which can be exploited by malicious people to disclose sensitive information. Input passed via the "language" parameter to libraries/lib.inc.php is not properly sanitised before being used to include files. This can be exploited t...
phpPgAdmin 4.2.1 - _language Local File Inclusion
phpPgAdmin 4.2.1 - language Local File Inclusion :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl phpPgAdmin 136 ... // Determine language file to import: // 1. Check for the...
phpPgAdmin <= 4.2.1 (_language) Local File Inclusion Vulnerability
Exploit for unknown platform in category web applications ================================================================== phpPgAdmin 136 ... // Determine language file to import: // 1. Check for the language from a request var if isset$REQUEST'language' && isset$appLangFiles$REQUEST'language'...
phpPgAdmin 4.2.1 - '_language' Local File Inclusion
:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl phpPgAdmin 136 ... // Determine language file to import: // 1. Check for the language from a request var if isset$REQUEST'language'...
FreeBSD Ports: phppgadmin
The remote host is missing an update to the system as announced in the referenced advisory. VID 88188a8c-eff6-11d9-8310-0001020eed82 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: phppgadmin
The remote host is missing an update to the system as announced in the referenced advisory. VID 3d0e724e-129b-11dc-9f79-0016179b2dd5 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Ports: phppgadmin
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: phppgadmin
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Debian Security Advisory DSA 759-1 (phppgadmin)
The remote host is missing an update to phppgadmin announced via advisory DSA 759-1. A vulnerability has been discovered in phppgadmin, a set of PHP scripts to administrate PostgreSQL over the WWW, that can lead to disclose sensitive information. Successful exploitation requires that magicquotesg...
Debian: Security Advisory (DSA-759-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE 10 Security Update : phpPgAdmin (phpPgAdmin-4713)
Several flaws in phpPgAdmin could be exploited by remote attackers to perform cross site scripting XSS attacks CVE-2007-2865, CVE-2007-5728. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
Fedora 7 : phpPgAdmin-4.1.2-1.fc7 (2007-0469)
This release includes a high-level security fix. All users must upgrade as soon as possible : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2865 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
Fedora 7 : phpPgAdmin-4.1.3-1.fc7 (2007-1013)
This version further tightens up security and fixes some issues introduced in the 4.1.2 release. All users are strongly encouraged to upgrade. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
CVE-2007-5728
Cross-site scripting XSS vulnerability in phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, allows remote attackers to inject arbitrary web script or HTML via certain input available in PHPSELF in 1 redirect.php, possibly related to 2 login.php, different vectors than CVE-2007-2865...
Cross site scripting
Cross-site scripting XSS vulnerability in phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, allows remote attackers to inject arbitrary web script or HTML via certain input available in PHPSELF in 1 redirect.php, possibly related to 2 login.php, different vectors than CVE-2007-2865...
CVE-2007-5728
Cross-site scripting XSS vulnerability in phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, allows remote attackers to inject arbitrary web script or HTML via certain input available in PHPSELF in 1 redirect.php, possibly related to 2 login.php, different vectors than CVE-2007-2865...
CVE-2007-5728
Cross-site scripting XSS vulnerability in phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, allows remote attackers to inject arbitrary web script or HTML via certain input available in PHPSELF in 1 redirect.php, possibly related to 2 login.php, different vectors than CVE-2007-2865...
DEBIAN-CVE-2007-5728
Cross-site scripting XSS vulnerability in phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, allows remote attackers to inject arbitrary web script or HTML via certain input available in PHPSELF in 1 redirect.php, possibly related to 2 login.php, different vectors than CVE-2007-2865...