23 matches found
[SECURITY] [DLA 4121-1] phpmyadmin security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4121-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk April 08, 2025 https://wiki.debian.org/LTS -...
DLA-4121-1 phpmyadmin - security update
Bulletin has no description...
MGASA-2025-0023 Updated phpmyadmin packages fix security vulnerabilities
fix possible security issue with library code slim/psr7 CVE-2023-30536 fix possible security issue relating to iconv CVE-2024-2961, PMASA-2025-3 fix an XSS vulnerability in the check tables feature PMASA-2025-1 fix an XSS vulnerability in the Insert tab PMASA-2025-2...
OPENSUSE-SU-2023:0154-1 Security update for phpMyAdmin
This update for phpMyAdmin fixes the following issues: Update to 4.9.11: - CVE-2023-25727: Fixed XSS vulnerability in drag-and-drop upload boo1208186...
OPENSUSE-SU-2023:0058-1 Security update for phpMyAdmin
This update for phpMyAdmin fixes the following issues: Update to 4.9.11: Fix an XSS attack through the drag-and-drop upload feature PMASA-2023-01, CWE-661, boo1208186, CVE-2023-25727 Fix broken pagination links in the navigation sidebar Fix syntax error for PHP 5 Fix hideconnectionerrors being...
OPENSUSE-SU-2023:0047-1 Security update for phpMyAdmin
This update for phpMyAdmin fixes the following issues: phpMyAdmin was updated to 5.2.1 This is a security and bufix release. Security: - Fix PMASA-2023-01, CWE-661, boo1208186, CVE-2023-25727 Fix an XSS attack through the drag-and-drop upload feature. Bugfixes: - issue 17522 Fix case where the...
MGASA-2020-0383 Updated phpmyadmin packages fix security vulnerabilities
A vulnerability was discovered where an attacker can cause an XSS attack through the transformation feature. If an attacker sends a crafted link to the victim with the malicious JavaScript, when the victim clicks on the link, the JavaScript will run and complete the instructions made by the...
OPENSUSE-SU-2020:0427-1 Security update for phpMyAdmin
This update for phpMyAdmin to version 4.9.5 fixes the following issues: - phpmyadmin was updated to 4.9.5: - CVE-2020-10804: Fixed an SQL injection in the user accounts page, particularly when changing a password boo1167335 PMASA-2020-2. - CVE-2020-10802: Fixed an SQL injection in the search...
OPENSUSE-SU-2020:0405-1 Security update for phpMyAdmin
This update for phpMyAdmin to version 4.9.5 fixes the following issues: - phpmyadmin was updated to 4.9.5: - CVE-2020-10804: Fixed an SQL injection in the user accounts page, particularly when changing a password boo1167335 PMASA-2020-2. - CVE-2020-10802: Fixed an SQL injection in the search...
[SECURITY] [DLA 2154-1] phpmyadmin security update
Package : phpmyadmin Version : 4:4.2.12-2+deb8u9 CVE ID : CVE-2020-10802 CVE-2020-10803 Debian Bug : 954665 954666 The following packages CVEs were reported against phpmyadmin. CVE-2020-10802 In phpMyAdmin 4.x before 4.9.5, a SQL injection vulnerability has been discovered where certain parameter...
OPENSUSE-SU-2019:1861-1 Security update for phpMyAdmin
This update for phpMyAdmin fixes the following issues: phpMyAdmin was updated to 4.9.0.1: Several issues with SYSTEM VERSIONING tables Fixed json encode error in export Fixed JavaScript events not activating on input sql bookmark issue Show Designer combo boxes when adding a constraint Fix edit...
OPENSUSE-SU-2019:0194-1 Security update for phpMyAdmin
This update for phpMyAdmin to version 4.8.5 fixes the following issues: Security issues fixed: - CVE-2019-6799: Fixed an arbitrary file read vulnerability boo1123272 - CVE-2019-6798: Fixed a SQL injection in the designer interface boo1123271 Other changes: Fix rxport to SQL format not available F...
OPENSUSE-SU-2018:0536-1 Security update for phpMyAdmin
This update for phpMyAdmin 4.7.8 fixes the following issues: - CVE-2018-7260: self-cross site scripting XSS vulnerability in the central columns feature boo1082188 This version also fixes some minor functionality bugs. The previous update already fixed CVE-2017-1000499...
OPENSUSE-SU-2017:3448-1 Security update for phpMyAdmin
This update for phpMyAdmin to version 4.7.7 fixes a security issue and bugs. The following vulnerability was fixed: - By deceiving a user to click on a crafted URL, it was possible to perform harmful database operations bsc1074066, PMASA-2017-09 This update also contains all upstream improvements...
MGASA-2017-0471 Updated phpmyadmin packages fix security vulnerability
Due to an XSRF/CSRF vulnerability in phpMyAdmin before 4.7.7, by deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc PMASA-2017-9. The phpmyadmin package has been updated to version 4.7.7 to fix...
openSUSE Security Update : phpMyAdmin (openSUSE-2016-804)
phpMyAdmin was updated to version 4.4.15.7 to fix eight security issues. These security issues were fixed : - CVE-2016-5701: BBCode injection vulnerability boo986154 - CVE-2016-5703: SQL injection attack boo986154 - CVE-2016-5705: Multiple XSS vulnerabilities boo986154 - CVE-2016-5706: DOS attack...
MGASA-2016-0211 Updated phpmyadmin package fixes CVE-2016-5099
In phpMyAdmin before 4.4.15.6, a specially crafted attack could allow for special HTML characters to be passed as URL encoded values and displayed back as special characters in the page CVE-2016-5099...
openSUSE Security Update : phpMyAdmin 4.4.15.4 (openSUSE-2016-168)
Security update to phpMyAdmin 4.4.15.4 The followinng vulnerabilities were fixed: boo964024 - CVE-2016-2038: Multiple full path disclosure vulnerabilities - CVE-2016-2039: Unsafe generation of XSRF/CSRF token - CVE-2016-2040: Multiple XSS vulnerabilities - CVE-2016-1927: Insecure password...
MGASA-2016-0051 Updated phpmyadmin/phpseclib packages fix security vulnerability
Password suggestion functionality uses Math.random which does not provide cryptographically secure random numbers CVE-2016-1927. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full pa...
MGASA-2014-0510 Updated phpmyadmin package fixes CVE-2014-9218
Updated phpmyadmin package fixes security vulnerabilities: In phpMyAdmin before 4.1.14.8, with very long passwords it was possible to initiate a denial of service attack on phpMyAdmin CVE-2014-9218...