Security update for phpMyAdmin (important)

This update for phpMyAdmin to version 4.7.7 fixes a security issue and bugs. The following vulnerability was fixed: - By deceiving a user to click on a crafted URL, it was possible to perform harmful database operations bsc1074066, PMASA-2017-09 This update also contains all upstream improvements...

OPENSUSE-SU-2017:3448-1 Security update for phpMyAdmin

This update for phpMyAdmin to version 4.7.7 fixes a security issue and bugs. The following vulnerability was fixed: - By deceiving a user to click on a crafted URL, it was possible to perform harmful database operations bsc1074066, PMASA-2017-09 This update also contains all upstream improvements...

OPENSUSE-SU-2017:3451-1 Security update for phpMyAdmin

This update for phpMyAdmin to version 4.7.7 fixes a security issue and bugs. The following vulnerability was fixed: - By deceiving a user to click on a crafted URL, it was possible to perform harmful database operations bsc1074066, PMASA-2017-09 This update also contains all upstream improvements...

MGASA-2017-0471 Updated phpmyadmin packages fix security vulnerability

Due to an XSRF/CSRF vulnerability in phpMyAdmin before 4.7.7, by deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc PMASA-2017-9. The phpmyadmin package has been updated to version 4.7.7 to fix...

Updated phpmyadmin packages fix security vulnerability

Due to an XSRF/CSRF vulnerability in phpMyAdmin before 4.7.7, by deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc PMASA-2017-9. The phpmyadmin package has been updated to version 4.7.7 to fix...

FreeBSD : phpMyAdmin -- XSRF/CSRF vulnerability (63eb2b11-e802-11e7-a58c-6805ca0b3d42)

The phpMyAdmin team reports : Description By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc. Severity We consider this vulnerability to be critical. %NASLMINLEVEL 70300 C Tenable Network...

phpMyAdmin -- XSRF/CSRF vulnerability

The phpMyAdmin team reports: Description By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc. Severity We consider this vulnerability to be critical...

XSRF/CSRF vulnerability in phpMyAdmin

PMASA-2017-9 Announcement-ID: PMASA-2017-9 Date: 2017-12-20 Updated: 2018-01-03 Summary XSRF/CSRF vulnerability in phpMyAdmin Description By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc...

LocalTapiola: PHPMYADMIN Setup is accessible without authentication on https://lml.lahitapiola.fi/

Vulnerability Detail PhpMyAdmin setup page is accessible over the internet in which it's possible for the user setup the servers with required details. Vulnerable Endpoint https://lml.lahitapiola.fi/admin/phpMyAdmin/setup/index.php Attached screenshots F246247 F246248 Impact Its possible for an...

International Islamic University Chittagong: PHP Myadmin Accesable & Database Error Information

Dear Team, MyPHPAdmin console is accessible over the internet as well as Directory of PHP documentation is accessible. Refer all attached images Kindly MOve this to 403 Forbidden resources Steps below to reproduce the same. enter this Url http://119.18.148.140/phpmyadmin/ accessible over Internet...

phpMyAdmin End of Life (EOL) Detection - Linux

The phpMyAdmin version on the remote host has reached the End of Life EOL and should not be used anymore. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

phpMyAdmin End of Life (EOL) Detection - Windows

The phpMyAdmin version on the remote host has reached the End of Life EOL and should not be used anymore. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

phpMyAdmin XXE Injection Vulnerability (PMASA-2011-17) - Linux

phpMyAdmin is prone to a XML external entity XXE injection attack. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

phpMyAdmin Multiple XSS Vulnerabilities (PMASA-2011-18) - Windows

phpMyAdmin is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

phpMyAdmin Multiple XSS Vulnerabilities (PMASA-2011-18) - Linux

phpMyAdmin is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

phpMyAdmin 3.5.x < 3.5.3 Multiple Vulnerabilities (PMASA-2012-6, PMASA-2012-7) - Linux

phpMyAdmin is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

phpMyAdmin 3.x < 3.3.10.3, 3.4.x < 3.4.3.2 Multiple Vulnerabilities (PMASA-2011-9, PMASA-2011-12) - Linux

phpMyAdmin is prone to multiple vulnerabilities: - a Cross-Site Scripting XSS vulnerability in table Print view - possible superglobal and local variables manipulation in swekey authentication. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced...

phpMyAdmin XXE Injection Vulnerability (PMASA-2011-17) - Windows

phpMyAdmin is prone to a XML external entity XXE injection attack. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

phpMyAdmin 3.4.x < 3.4.3.2 Multiple Directory Traversal Vulnerabilities (PMASA-2011-10, PMASA-2011-11) - Linux

phpMyAdmin is prone to multiple directory traversal vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

phpMyAdmin 3.4.x < 3.4.3.2 Multiple Directory Traversal Vulnerabilities (PMASA-2011-10, PMASA-2011-11) - Windows

phpMyAdmin is prone to multiple directory traversal vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...