CVE-2012-4219

showconfigerrors.php in phpMyAdmin 3.5.x before 3.5.2.1 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message, related to lack of inclusion of the common.inc.php library file...

CVE-2012-4219

CVE-2012-4219 affects phpMyAdmin 3.5.x prior to 3.5.2.1. The vulnerability arises from not including the common.inc.php library, causing a direct request to show_config_errors.php to disclose the installation path via an error message. Impact is information disclosure (installation path) with a m...

CVE-2012-4219

showconfigerrors.php in phpMyAdmin 3.5.x before 3.5.2.1 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message, related to lack of inclusion of the common.inc.php library file...

phpMyAdmin 3.4.x 多个HTML注入漏洞

BUGTRAQ ID: 55068 CVE ID: CVE-2012-4345 phpMyAdmin是一个用PHP编写的，可以通过web方式控制和操作MySQL数据库。 phpMyAdmin 3.4.11.1之前版本、3.5.2.2 之前版本在实现上存在多个HTML注入漏洞，攻击者可利用这些漏洞注入HTML和JS代码到受影响站点，导致窃取身份验证凭证并控制站点外观。 0 phpMyAdmin 3.4.x 厂商补丁： phpMyAdmin ---------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

phpMyAdmin 'show_config_errors.php'完整路径信息泄露漏洞

BUGTRAQ ID: 55057 CVE ID: CVE-2012-4219 phpMyAdmin是一个用PHP编写的，可以通过web方式控制和操作MySQL数据库。 phpMyAdmin 3.5.2.1之前的3.5.x在实现上存在安全漏洞，攻击者可利用此漏洞获取敏感信息。 0 phpMyAdmin 3.5.x 厂商补丁： phpMyAdmin ---------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.phpmyadmin.net/homepage/security/...

FreeBSD : phpMyAdmin -- Multiple XSS in Table operations, Database structure, Trigger and Visualize GIS data pages (db1d3340-e83b-11e1-999b-e0cb4e266481)

The phpMyAdmin development team reports : Using a crafted table name, it was possible to produce a XSS : 1 On the Database Structure page, creating a new table with a crafted name 2 On the Database Structure page, using the Empty and Drop links of the crafted table name 3 On the Table Operations...

phpMyAdmin 'show_config_errors.php' Full Path Information Disclosure Vulnerability

phpMyAdmin is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Multiple XSS in Table operations, Database structure, Trigger and Visualize GIS data pages.

PMASA-2012-4 Announcement-ID: PMASA-2012-4 Date: 2012-08-16 Summary Multiple XSS in Table operations, Database structure, Trigger and Visualize GIS data pages. Description Using a crafted table name, it was possible to produce a XSS : 1 On the Database Structure page, creating a new table with a...

FreeBSD : phpMyAdmin -- Path disclosure due to missing library (aca0d7e0-e38a-11e1-999b-e0cb4e266481)

The phpMyAdmin development team reports : The showconfigerrors.php script does not include a library, so an error message shows the full path of this file, leading to possible further attacks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

phpMyAdmin -- Multiple XSS in Table operations, Database structure, Trigger and Visualize GIS data pages

The phpMyAdmin development team reports: Using a crafted table name, it was possible to produce a XSS : 1 On the Database Structure page, creating a new table with a crafted name 2 On the Database Structure page, using the Empty and Drop links of the crafted table name 3 On the Table Operations...

Path disclosure due to missing library.

PMASA-2012-3 Announcement-ID: PMASA-2012-3 Date: 2012-08-09 Summary Path disclosure due to missing library. Description The showconfigerrors.php script does not include a library, so an error message shows the full path of this file, leading to possible further attacks. Severity We consider this...

phpMyAdmin -- Path disclosure due to missing library

The phpMyAdmin development team reports: The showconfigerrors.php script does not include a library, so an error message shows the full path of this file, leading to possible further attacks...

phpCollab 2.5 - Database Backup Information Disclosure

phpCollab 2.5 - Database Backup Information Disclosure source: https://www.securityfocus.com/bid/53656/info phpCollab is prone to an information-disclosure vulnerability because it fails to sufficiently validate user-supplied data. An attacker can exploit this issue to download backup files that...

phpMyAdmin 2.11.x / 3.3.x < 2.11.11.3 / 3.3.9.2 SQL Query Bookmarks Arbitrary SQL Query Execution (PMASA-2011-02)

According to its self-identified version number, the phpMyAdmin install hosted on the remote web server allows creation of bookmarked SQL queries which could be unintentionally executed by other users. Note that successful exploitation of this vulnerability requires that phpMyAdmin configuration...

PHPCollab 2.5 Database Backup Disclosure

Exploit Title: phpcollab Unauthenticated Database Backup Download Date: 3/5/2012 Author: team ' and 1=1-- Software Link: http://www.phpcollab.com/ Version: 2.5 Vulnerability was found during the AthCon IT Security Conference CTF CTF organizer: echothrust During AthCon CTF the team ' and 1=1--...

phpMyAdmin simplexml_load_string() Function Information Disclosure (PMASA-2011-17)

According to its self-identified version number, the phpMyAdmin install hosted on the remote web server is affected by an information disclosure vulnerability. The vulnerability, which is in the simplexmlloadstring function in the XML import plug-in libraries/import/xml.php in phpMyAdmin 3.3.x...

phpMyAdmin Replication Setup js/replication.js Database Name XSS

According to its self-identified version number, the phpMyAdmin install hosted on the remote web server is affected by a cross-site scripting vulnerability. The vulnerability is in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1, which allows...

Fedora Update for phpMyAdmin FEDORA-2012-5624

Check for the Version of phpMyAdmin OpenVAS Vulnerability Test Fedora Update for phpMyAdmin FEDORA-2012-5624 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

Fedora Update for phpMyAdmin FEDORA-2012-5631

Check for the Version of phpMyAdmin OpenVAS Vulnerability Test Fedora Update for phpMyAdmin FEDORA-2012-5631 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

Fedora Update for phpMyAdmin FEDORA-2012-5631

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...