phpMyAdmin 4.8.1 Authenticated Local File Inclusion Vulnerability

Exploit for php platform in category web applications Exploit Title: phpMyAdmin 4.8.1 - Authenticated Local File Inclusion Exploit Author: Lucian Ioan Nitescu Contact: https://twitter.com/LucianNitescu Webiste: https://nitesculucian.github.io Vendor Homepage: https://www.phpmyadmin.net/ Software...

tappeto-elastico.eu XSS vulnerability

Open Bug Bounty ID: OBB-702160 Description| Value ---|--- Affected Website:| tappeto-elastico.eu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploit for Improper Authentication in Phpmyadmin

CVE-2018-12613 Local file inclusion bug due to filter bypass u...

phpMyAdmin index.php Local File Inclusion (CVE-2018-12613)

A local file inclusion vulnerability exists in phpMyAdmin. The vulnerability is due to improper sanitization of the request URI. A remote, authenticated attacker could exploit this vulnerability by sending a crafted request to the target server. Successful exploitation could lead to information...

Security update for phpMyAdmin (moderate)

This update for phpMyAdmin to version 4.8.3 addresses multiple issues. Security issues fixed: - CVE-2018-15605: vulnerability in the file import feature allowed cross-site scripting via importing a specially-crafted file PMASA-2018-5, boo1105726 This update also contains a number of upstream bug...

phpMyAdmin < 4.8.3 Vulnerability (PMASA-2018-5)

According to its self-reported version number, the phpMyAdmin application hosted on the remote web server is prior to 4.8.3. It is, therefore, affected by a cross-site Scripting vulnerability. Note that Nessus has not attempted to exploit these issues but has instead relied only on the...

Fedora Update for phpMyAdmin FEDORA-2018-f2b24ce26e

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 28 Update: phpMyAdmin-4.8.3-1.fc28

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

phpMyAdmin 4.7.x Cross Site Request Forgery

Exploit Title: phpMyAdmin 4.7.x - Cross-Site Request Forgery Date: 2018-08-28 Exploit Author: VulnSpy Vendor Homepage: https://www.phpmyadmin.net/ Software Link: https://www.phpmyadmin.net/downloads/ Version: Versions 4.7.x prior to 4.7.7 Tested on: php7 mysql5 CVE: CVE-2017-1000499 Exploit CSRF ...

phpMyAdmin <= 4.8.2 XSS Vulnerability (PMASA-2018-5) - Windows

phpMyAdmin is prone to an authenticated cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

phpMyAdmin 4.7.x - Cross-Site Request Forgery

phpMyAdmin 4.7.x - Cross-Site Request Forgery Exploit Title: phpMyAdmin 4.7.x - Cross-Site Request Forgery Date: 2018-08-28 Exploit Author: VulnSpy Vendor Homepage: https://www.phpmyadmin.net/ Software Link: https://www.phpmyadmin.net/downloads/ Version: Versions 4.7.x prior to 4.7.7 Tested on:...

phpMyAdmin 4.7.x - Cross-Site Request Forgery Vulnerability

Exploit for php platform in category web applications Exploit Title: phpMyAdmin 4.7.x - Cross-Site Request Forgery Exploit Author: VulnSpy Vendor Homepage: https://www.phpmyadmin.net/ Software Link: https://www.phpmyadmin.net/downloads/ Version: Versions 4.7.x prior to 4.7.7 Tested on: php7 mysql...

phpMyAdmin 4.7.x - Cross-Site Request Forgery

Exploit Title: phpMyAdmin 4.7.x - Cross-Site Request Forgery Date: 2018-08-28 Exploit Author: VulnSpy Vendor Homepage: https://www.phpmyadmin.net/ Software Link: https://www.phpmyadmin.net/downloads/ Version: Versions 4.7.x prior to 4.7.7 Tested on: php7 mysql5 CVE: CVE-2017-1000499 -- Original...

phpMyAdmin <= 4.8.2 XSS Vulnerability (PMASA-2018-5) - Linux

phpMyAdmin is prone to an authenticated cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

openSUSE Security Update : phpMyAdmin (openSUSE-2018-939)

This update for phpMyAdmin to version 4.8.3 addresses multiple issues. Security issues fixed : - CVE-2018-15605: vulnerability in the file import feature allowed cross-site scripting via importing a specially crafted file PMASA-2018-5, boo1105726 This update also contains a number of upstream bug...

Cross-Site Scripting (XSS)

phpMyAdmin is vulnerable to cross-site scripting XSS. Import warning messages are not sanitized and allow remote attackers to inject arbitrary Javascript code in a victim's browser...

Security update for phpMyAdmin (moderate)

This update for phpMyAdmin to version 4.8.3 addresses multiple issues. Security issues fixed: - CVE-2018-15605: vulnerability in the file import feature allowed cross-site scripting via importing a specially-crafted file PMASA-2018-5, boo1105726 This update also contains a number of upstream bug...

Security update for phpMyAdmin (moderate)

This update for phpMyAdmin to version 4.8.3 addresses multiple issues. Security issues fixed: - CVE-2018-15605: vulnerability in the file import feature allowed cross-site scripting via importing a specially-crafted file PMASA-2018-5, boo1105726 This update also contains a number of upstream bug...

openSUSE: Security Advisory for phpMyAdmin (openSUSE-SU-2018:2525-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2018-15605

An issue was discovered in phpMyAdmin before 4.8.3. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted file to manipulate an authenticated user who loads that file through the import feature...