Mageia: Security Advisory (MGASA-2014-0099)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

phpMyAdmin 5.1.x < 5.1.2 Multiple XSS Vulnerabilities (PMASA-2022-2) - Windows

phpMyAdmin is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

phpMyAdmin 4.9.x < 4.9.8, 5.1.x < 5.1.2 2FA Bypass Vulnerability (PMASA-2022-1) - Windows

phpMyAdmin is prone to a two factor authentication bypass vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

phpMyAdmin 4.9.x < 4.9.8, 5.1.x < 5.1.2 2FA Bypass Vulnerability (PMASA-2022-1) - Linux

phpMyAdmin is prone to a two factor authentication bypass vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

phpMyAdmin 5.1.x < 5.1.2 Multiple XSS Vulnerabilities (PMASA-2022-2) - Linux

phpMyAdmin is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Updated phpmyadmin packages fix security vulnerability

A flaw was identified in how phpMyAdmin processes two factor authentication; a user could potentially manipulate their account to bypass two factor authentication in subsequent authentication sessions PMASA-2022-1. A series of weaknesses was identified allowing a malicious user to submit maliciou...

MGASA-2022-0036 Updated phpmyadmin packages fix security vulnerability

A flaw was identified in how phpMyAdmin processes two factor authentication; a user could potentially manipulate their account to bypass two factor authentication in subsequent authentication sessions PMASA-2022-1. A series of weaknesses was identified allowing a malicious user to submit maliciou...

phpMyAdmin Authorization Issues Vulnerability

phpMyAdmin is a free, web-based MySQL database management tool from the Phpmyadmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A security vulnerability exists in phpMyAdmin, which stems...

phpMyAdmin Cross-Site Scripting Vulnerability (CNVD-2022-08031)

phpMyAdmin is a free, web-based MySQL database management tool from the Phpmyadmin team. The tool is capable of creating and deleting databases, creating, deleting and modifying database tables, executing SQL script commands, etc. phpMyAdmin suffers from a cross-site scripting vulnerability that...

Cross-Site Scripting (XSS)

phpmyadmin is vulnerable to cross-site scripting. The vulnerability exists due to a lack of escape of the config-form's action attribute...

Authentication Bypass

phpmyadmin/phpmyadmin is vulnerable to authentication bypass. The vulnerability exists in initRelationParamsCache function in DatabaseInterface.php allowing an authenticated attacker to bypass two-factor authentication for future login instances...

Cross-Site Scripting (XSS)

phpmyadmin is vulnerable to cross-site scripting. The vulnerability exists due to a lack of escape of the config-form's action attribute. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection...

Authentication Bypass

phpmyadmin is vulnerable to Authentication Bypass. The vulnerability exists because the user account are not properly authenticated which allows user to bypass the authentication process and gain unauthorized access to the application...

CVE-2022-23808

An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection...

CVE-2022-23807

An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 before 5.1.2. A valid user who is already authenticated to phpMyAdmin can manipulate their account to bypass two-factor authentication for future login instances...

CVE-2022-23807

An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 before 5.1.2. A valid user who is already authenticated to phpMyAdmin can manipulate their account to bypass two-factor authentication for future login instances...

DEBIAN-CVE-2022-23808

An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection...

CVE-2022-23808

An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection...

CVE-2022-23807

An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 before 5.1.2. A valid user who is already authenticated to phpMyAdmin can manipulate their account to bypass two-factor authentication for future login instances...

DEBIAN-CVE-2022-23807

An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 before 5.1.2. A valid user who is already authenticated to phpMyAdmin can manipulate their account to bypass two-factor authentication for future login instances...