CVE-2019-12616

An issue was discovered in phpMyAdmin before 4.9.0. A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken tag pointing at the victim's phpMyAdmin database, and the attacker can potential...

CVE-2019-12616

phpMyAdmin before 4.9.0 is affected by a CSRF vulnerability (CVE-2019-12616). An attacker can entice an authenticated user to visit a crafted page (for example via a broken tag) and potentially perform payloads such as INSERT or DELETE against the victim’s database. This vulnerability is describ...

CVE-2019-11768

phpMyAdmin prior to 4.9.0.1 is affected by an SQL injection via the Designer feature triggered by a specially crafted database name. The issue is fixed in 4.9.0.1 (and later per advisories). Impact per sources includes potential high-severity consequences; upgrade to 4.9.0.1 or newer to remediate.

CVE-2019-11768

An issue was discovered in phpMyAdmin before 4.9.0.1. A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature...

CVE-2019-11768

An issue was discovered in phpMyAdmin before 4.9.0.1. A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature...

CVE-2019-11768

An issue was discovered in phpMyAdmin before 4.9.0.1. A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature...

phpMyAdmin SQL Injection Vulnerability (CNVD-2021-45287)

phpMyAdmin is a PHP-based database management tool for MySQL on Web-Base, allowing administrators to manage MySQL databases with a Web interface. A SQL injection vulnerability exists in the designer feature of phpMyAdmin versions prior to 4.9.0.1. The vulnerability can be exploited to conduct a S...

phpMyAdmin -- CSRF vulnerability in login form

The phpMyAdmin development team reports: Summary CSRF vulnerability in login form Description A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken tag pointing at the victim's phpMyAdmi...

CSRF vulnerability in login form

PMASA-2019-4 Announcement-ID: PMASA-2019-4 Date: 2019-06-04 Summary CSRF vulnerability in login form Description A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken tag pointing at the...

Hackers Infect 50,000 MS-SQL and PHPMyAdmin Servers with Rootkit Malware

Cyber Security researchers at Guardicore Labs today published a detailed report on a widespread cryptojacking campaign attacking Windows MS-SQL and PHPMyAdmin servers worldwide. Dubbed Nansh0u, the malicious campaign is reportedly being carried out by an APT-style Chinese hacking group who has...

Hackers Infect 50,000 MS-SQL and PHPMyAdmin Servers with Rootkit Malware

Cyber Security researchers at Guardicore Labs today published a detailed report on a widespread cryptojacking campaign attacking Windows MS-SQL and PHPMyAdmin servers worldwide. Dubbed Nansh0u , the malicious campaign is reportedly being carried out by an APT-style Chinese hacking group who has...

Fedora Update for phpMyAdmin FEDORA-2018-088802878a

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for phpMyAdmin FEDORA-2019-09ae31d880

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Multiple vulnerabilities in extension "phpMyAdmin" (phpmyadmin)

Multiple vulnerabilities have been found in the phpMyAdmin component...

SQL injection in Designer feature

PMASA-2019-3 Announcement-ID: PMASA-2019-3 Date: 2019-05-06 Summary SQL injection in Designer feature Description A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature. Severity We consider this vulnerabili...

Zikula Core CMS 2.0.13 Database Disclosure

Exploit Title : Zikula Core CMS 2.0.13 Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 20/04/2019 Vendor Homepage : ziku.la Software Download Link : github.com/zikula/core/releases/download/2.0.13/2.0.zip Software Information Link :...

ChurchCRM Software 3.3.2 Database Disclosure

Exploit Title : ChurchCRM Software 3.3.2 Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 20/04/2019 Vendor Homepage : churchcrm.io Software Download Link : github.com/ChurchCRM/CRM/releases/download/3.3.2/ChurchCRM-3.3.2.zip Software...

OpenDocMan Document Management System 1.3.5 Database Disclosure

Exploit Title : OpenDocMan Document Management System 1.3.5 Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 20/04/2019 Vendor Homepage : opendocman.com Software Download Link : opendocman.com/free-download/...

phpMyAdmin 2.11.x < 2.11.9.5 / 3.x < 3.1.3.1 RCE (PMASA-2009-3)

Binary data 700609.prm...

GLSA-201904-16 : phpMyAdmin: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201904-16 phpMyAdmin: Multiple vulnerabilities Multiple vulnerabilities have been discovered in phpMyAdmin. Please review the CVE identifiers referenced below for details. Impact : Please review the CVE identifiers referenced belo...