CVE-2016-6631

An issue was discovered in phpMyAdmin. A user can execute a remote code execution attack against a server when phpMyAdmin is being run as a CGI application. Under certain server configurations, a user can pass a query string which is executed as a command-line argument by the file...

[SECURITY] Fedora 24 Update: phpMyAdmin-4.6.5.1-2.fc24

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

Fedora Update for phpMyAdmin FEDORA-2016-2424eeca35

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated phpmyadmin packages fix security vulnerability

In phpMyAdmin before 4.4.15.9, when the user does not specify a blowfishsecret key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way this value is created using a weak algorithm. This could allow an attacker to determine the user's...

MGASA-2016-0416 Updated phpmyadmin packages fix security vulnerability

In phpMyAdmin before 4.4.15.9, when the user does not specify a blowfishsecret key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way this value is created using a weak algorithm. This could allow an attacker to determine the user's...

[SECURITY] Fedora 23 Update: phpMyAdmin-4.6.5.1-2.fc23

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

Fedora Update for phpMyAdmin FEDORA-2016-7fc142da66

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 23 : phpMyAdmin (2016-7fc142da66)

phpMyAdmin 4.6.5.1 2016-11-26 =============================== A patch-level release fixing two small issues : - an issue affecting a small number of users using $cfg'Servers'$i'hidedb' or $cfg'Servers'$i'onlydb'. - an issue affecting the create table dialog where the partition selection tool was...

Fedora Update for phpMyAdmin FEDORA-2016-6576a8536b

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for phpMyAdmin FEDORA-2016-49e1e93a66

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : phpMyAdmin (openSUSE-2016-1406)

This update to phpMyAdmin 4.4.15.9 fixes security issues and bugs. The following security issues were fixed : - Unsafe generation of $cfg'blowfishsecret' PMASA-2016-58 - phpMyAdmin's phpinfo functionality is removed PMASA-2016-59 - AllowRoot and allow/deny rule bypass with specially crafted...

Fedora 25 : phpMyAdmin (2016-6576a8536b)

phpMyAdmin 4.6.5.1 2016-11-26 =============================== A patch-level release fixing two small issues : - an issue affecting a small number of users using $cfg'Servers'$i'hidedb' or $cfg'Servers'$i'onlydb'. - an issue affecting the create table dialog where the partition selection tool was...

phpMyAdmin Remote Information Disclosure Vulnerability (CNVD-2016-11902)

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A remote information disclosure vulnerability exists...

phpMyAdmin Denial of Service Vulnerability (CNVD-2016-11851)

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A denial of service vulnerability exists in...

phpMyAdmin security bypass vulnerability (CNVD-2016-11854)

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A security bypass vulnerability exists in phpMyAdmin...

phpMyAdmin Open Redirect Vulnerability

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. An open redirection vulnerability exists in phpMyAdm...

phpMyAdmin Information Disclosure Vulnerability (CNVD-2016-11904)

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. An information disclosure vulnerability exists in...

phpMyAdmin 'BBCode' Code Injection Vulnerability

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A code injection vulnerability exists in phpMyAdmin...

phpMyAdmin Remote Security Bypass Vulnerability

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A remote security bypass vulnerability exists in...

phpMyAdmin security bypass vulnerability (CNVD-2016-11857)

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A security bypass vulnerability exists in phpMyAdmin...