EUVD-2016-10656

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2017-1000017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phpMyAdmin 4.0, 4.4 and 4.6 are vulnerable to a weakness where a user with appropriate permissions is able to connect to an arbitrary MySQL server...

Linux Distros Unpatched Vulnerability : CVE-2016-6622

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in phpMyAdmin. An unauthenticated user is able to execute a denial-of-service DoS attack by forcing persistent connections when phpMyAdm...

Linux Distros Unpatched Vulnerability : CVE-2016-9861

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in phpMyAdmin. Due to the limitation in URL matching, it was possible to bypass the URL white-list protection. All 4.6.x versions prior ...

Linux Distros Unpatched Vulnerability : CVE-2014-8958

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.6, 4.1.x before 4.1.14.7, and 4.2.x before 4.2.12 allow remote authenticated...

Linux Distros Unpatched Vulnerability : CVE-2014-4955

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in the PMATRIgetRowForList function in libraries/rte/rtelist.lib.php in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before...

Linux Distros Unpatched Vulnerability : CVE-2017-1000013

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to an open redirect weakness CVE-2017-1000013 Note that Nessus relies on the presence of the package as reported by...

Linux Distros Unpatched Vulnerability : CVE-2014-6300

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in the micro history implementation in phpMyAdmin 4.0.x before 4.0.10.3, 4.1.x before 4.1.14.4, and 4.2.x before 4.2.8.1...

SUSE CVE-2013-5029

phpMyAdmin 3.5.x and 4.0.x before 4.0.5 allows remote attackers to bypass the clickjacking protection mechanism via certain vectors related to Header.class.php...

SUSE CVE-2016-2038

phpMyAdmin 4.0.x before 4.0.10.13, 4.4.x before 4.4.15.3, and 4.5.x before 4.5.4 allows remote attackers to obtain sensitive information via a crafted request, which reveals the full path in an error message...

SUSE CVE-2016-5705

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.7 and 4.6.x before 4.6.3 allow remote attackers to inject arbitrary web script or HTML via vectors involving 1 server-privileges certificate data fields on the user privileges page, 2 an "invalid JSON" error messa...

SUSE CVE-2016-5730

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to obtain sensitive information via vectors involving 1 an array value to FormDisplay.php, 2 incorrect data to validate.php, 3 unexpected data to Validator.php, 4 a missing config directory...

SUSE CVE-2016-6625

An issue was discovered in phpMyAdmin. An attacker can determine whether a user is logged in to phpMyAdmin. The user's session, username, and password are not compromised by this vulnerability. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to...

Cross site request forgery (csrf)

phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a series of CSRF flaws. By deceiving a user into clicking on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new tables/routines, deleting designer pages, adding/deleting users,...

phpMyAdmin XSRF/CSRF Vulnerability (PMASA-2017-9) - Linux

phpMyAdmin is prone to a cross-site request forgery CSRF vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

UBUNTU-CVE-2016-9848

An issue was discovered in phpMyAdmin. phpinfo phpinfo.php shows PHP information including values of HttpOnly cookies. All 4.6.x versions prior to 4.6.5, 4.4.x versions prior to 4.4.15.9, and 4.0.x versions prior to 4.0.10.18 are affected...

DEBIAN-CVE-2016-2561

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.4.x before 4.4.15.5 and 4.5.x before 4.5.5.1 allow remote authenticated users to inject arbitrary web script or HTML via 1 normalization.php or 2 js/normalization.js in the database normalization page, 3...

phpMyAdmin Security Bypass Vulnerability (Nov 2015) - Windows

phpMyAdmin is prone to reCaptcha bypass vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpmyadmin:phpmyadmin";...

phpMyAdmin 3.5.8/4.0.0-RC2 - Multiple Vulnerabilities

waraxe-2013-SA103 - Multiple Vulnerabilities in phpMyAdmin =============================================================================== Author: Janek Vind "waraxe" Date: 25. April 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-103.html Description of vulnerable software:...

DEBIAN-CVE-2011-0986

phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence of the 1 README, 2 ChangeLog, and 3 LICENSE files, which allows remote attackers to obtain the installation path via a direct request for a nonexistent file...