[SECURITY] [DLA 1692-1] phpmyadmin security update

Package : phpmyadmin Version : 4:4.2.12-2+deb8u5 CVE ID : CVE-2019-6799 Debian Bug : 920823 An information leak issue was discovered in phpMyAdmin. An attacker can read any file on the server that the web servers user can access. This is related to the mysql.allowlocalinfile PHP configuration. Wh...

DLA-1692-1 phpmyadmin - security update

Bulletin has no description...

Debian: Security Advisory (DLA-1692-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PhpMyAdmin tbl_replace.php Local File Inclusion (CVE-2018-19968)

A local file inclusion vulnerability exists in phpMyAdmin. The vulnerability is due to improper sanitization of a column in the column info table. A remote, authenticated attacker could exploit this vulnerability by sending a request with crafted SQL statements to the target server. Successful...

openSUSE Security Update : phpMyAdmin (openSUSE-2019-194)

This update for phpMyAdmin to version 4.8.5 fixes the following issues : Security issues fixed : - CVE-2019-6799: Fixed an arbitrary file read vulnerability boo1123272 - CVE-2019-6798: Fixed a SQL injection in the designer interface boo1123271 Other changes : - Fix rxport to SQL format not...

Security update for phpMyAdmin (important)

openSUSE Security Update: Security update for phpMyAdmin Announcement ID: openSUSE-SU-2019:0194-1 Rating: important References: 1123271 1123272 Cross-References: CVE-2019-6798 CVE-2019-6799 Affected Products: openSUSE Leap 42.3 openSUSE Leap 15.0 openSUSE Backports SLE-15 SUSE Package Hub for SUS...

Fedora 28 : phpMyAdmin (2019-6cfd17b03d)

Upstream announcement: Security fix: phpMyAdmin 4.8.5 is released The phpMyAdmin team announces the release of phpMyAdmin version 4.8.5. Among other bug fixes, this contains several important security fixes. Upgrading is highly recommended for all users. The security fixes involve : - Arbitrary...

Fedora 29 : phpMyAdmin (2019-09ae31d880)

Upstream announcement: Security fix: phpMyAdmin 4.8.5 is released The phpMyAdmin team announces the release of phpMyAdmin version 4.8.5. Among other bug fixes, this contains several important security fixes. Upgrading is highly recommended for all users. The security fixes involve : - Arbitrary...

[SECURITY] Fedora 29 Update: phpMyAdmin-4.8.5-1.fc29

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

[SECURITY] Fedora 28 Update: phpMyAdmin-4.8.5-1.fc28

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

Fedora Update for phpMyAdmin FEDORA-2019-6cfd17b03d

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Debian DLA-1658-1 : phpmyadmin security update

A couple of vulnerabilities have been discovered in phpmyadmin, MySQL web administration tool. CVE-2018-19968 An attacker can exploit phpMyAdmin before 4.8.4 to leak the contents of a local file because of an error in the transformation feature. The attacker must have access to the phpMyAdmin...

Debian: Security Advisory (DLA-1658-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 1658-1] phpmyadmin security update

Package : phpmyadmin Version : 4:4.2.12-2+deb8u4 CVE ID : CVE-2018-19968 CVE-2018-19970 A couple of vulnerabilities have been discovered in phpmyadmin, MySQL web administration tool. CVE-2018-19968 An attacker can exploit phpMyAdmin before 4.8.4 to leak the contents of a local file because of an...

DLA-1658-1 phpmyadmin - security update

Bulletin has no description...

Updated phpmyadmin packages fix security vulnerabilities

- Possible SQL injection in Designer feature - When AllowArbitraryServer configuration set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access...

MGASA-2019-0057 Updated phpmyadmin packages fix security vulnerabilities

Possible SQL injection in Designer feature - When AllowArbitraryServer configuration set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access...

SQL Injection

phpmyadmin is vulnerable to SQL injection. The vulnerability is possible because it allows the attacker to inject malicious SQL scripts via the username in the designer feature...

Arbitrary File Read

phpmyadmin is vulnerable to arbitrary file read. An attacker is able to read any file on the server using a rogue MySQL server, when AllowArbitraryServer is set to true or when mysql.allowlocalinfile is enabled by default. This is due to a bug in PHP, which does not honor phpMyadmin attempts to...

phpMyAdmin Arbitrary File Read Vulnerability

phpMyAdmin is a PHP-based database management tool for MySQL on Web-Base, allowing administrators to manage MySQL databases with a Web interface. An arbitrary file read vulnerability exists in phpMyAdmin before 4.8.5. When the AllowArbitraryServer configuration is set to true, an attacker can...