DSA-2391-1 phpmyadmin - several

Bulletin has no description...

VulnCheck KEV: CVE-2011-2505

libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns values to arbitrary parameters referenced in the query string, which allows remote attackers to modify the SESSION superglobal array via a crafted...

phpMyAdmin 3.3.X and 3.4.X - Local File Inclusion via XXE Injection

No description provided by source. Exploit Title: poc-phpmyadmin-local-file-inclusion-via-xxe-injection Date: 12-01-2012 Author: Marco Batista Blog Link: http://www.secforce.com/blog/2012/01/cve-2011-4107-poc-phpmyadmin-local-file-inclusion-via-xxe-injection/ Tested on: Windows and Linux -...

phpMyAdmin 3.3.x / 3.4.x Local File Inclusion Via XXE Injection

Exploit Title: poc-phpmyadmin-local-file-inclusion-via-xxe-injection Date: 12-01-2012 Author: Marco Batista Blog Link: http://www.secforce.com/blog/2012/01/cve-2011-4107-poc-phpmyadmin-local-file-inclusion-via-xxe-injection/ Tested on: Windows and Linux - phpmyadmin versions: 3.3.6, 3.3.10, 3.4.0...

phpMyAdmin 3.3.x/3.4.x - Local File Inclusion via XML External Entity Injection (Metasploit)

Exploit Title: poc-phpmyadmin-local-file-inclusion-via-xxe-injection Date: 12-01-2012 Author: Marco Batista Blog Link: http://www.secforce.com/blog/2012/01/cve-2011-4107-poc-phpmyadmin-local-file-inclusion-via-xxe-injection/ Tested on: Windows and Linux - phpmyadmin versions: 3.3.6, 3.3.10, 3.4.0...

phpMyAdmin 3.3.x3.4.x - Local File Inclusion via XML External Entity Injection (Metasploit)

phpMyAdmin 3.3.x3.4.x - Local File Inclusion via XML External Entity Injection Metasploit Exploit Title: poc-phpmyadmin-local-file-inclusion-via-xxe-injection Date: 12-01-2012 Author: Marco Batista Blog Link:...

phpMyAdmin 3.3.X and 3.4.X - Local File Inclusion via XXE Injection

Exploit for php platform in category web applications Exploit Title: poc-phpmyadmin-local-file-inclusion-via-xxe-injection Date: 12-01-2012 Author: Marco Batista Blog Link: http://www.secforce.com/blog/2012/01/cve-2011-4107-poc-phpmyadmin-local-file-inclusion-via-xxe-injection/ Tested on: Windows...

Fedora Update for phpMyAdmin FEDORA-2011-17370

Check for the Version of phpMyAdmin OpenVAS Vulnerability Test Fedora Update for phpMyAdmin FEDORA-2011-17370 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

Fedora Update for phpMyAdmin FEDORA-2011-17370

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Mandriva Update for phpmyadmin MDVSA-2011:198 (phpmyadmin)

Check for the Version of phpmyadmin OpenVAS Vulnerability Test Mandriva Update for phpmyadmin MDVSA-2011:198 phpmyadmin Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modif...

Mandriva Update for phpmyadmin MDVSA-2011:198 (phpmyadmin)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

GLSA-201201-01 : phpMyAdmin: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201201-01 phpMyAdmin: Multiple vulnerabilities Multiple vulnerabilities have been discovered in phpMyAdmin. Please review the CVE identifiers and phpMyAdmin Security Advisories referenced below for details. Impact : Remote attacke...

phpMyAdmin 3.4.9之前版本多个跨站脚本执行漏洞

BUGTRAQ ID: 51226 CVE ID: CVE-2011-4780 phpMyAdmin是一个用PHP编写的，可以通过web方式控制和操作MySQL数据库。 phpMyAdmin在libraries/displayexport.lib.php的实现上存在多个跨站脚本执行漏洞，通过特制的URL参数，攻击者可利用这些漏洞在服务器、数据库、表格的导出面板上造成XSS，可在受影响站点的用户浏览器中执行任意脚本代码，窃取Cookie身份验证凭证。 0 phpMyAdmin 3.4.x 厂商补丁： phpMyAdmin ----------...

phpMyAdmin: Multiple vulnerabilities

Background phpMyAdmin is a web-based management tool for MySQL databases. Description Multiple vulnerabilities have been discovered in phpMyAdmin. Please review the CVE identifiers and phpMyAdmin Security Advisories referenced below for details. Impact Remote attackers might be able to insert and...

Fedora 16 : phpMyAdmin-3.4.9-1.fc16 (2011-17369)

Changes 3.4.9.0 2011-12-21 : - edit Inline editing enum fields with null shows no dropdown - interface DB suggestion not correct for user with underscore - core Magic quotes removed in PHP 5.4 - session No feedback when result is empty signon authtype - display Problems regarding ShowTooltipAlias...

Fedora 15 : phpMyAdmin-3.4.9-1.fc15 (2011-17370)

Changes 3.4.9.0 2011-12-21 : - edit Inline editing enum fields with null shows no dropdown - interface DB suggestion not correct for user with underscore - core Magic quotes removed in PHP 5.4 - session No feedback when result is empty signon authtype - display Problems regarding ShowTooltipAlias...

[SECURITY] Fedora 16 Update: phpMyAdmin-3.4.9-1.fc16

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

[SECURITY] Fedora 15 Update: phpMyAdmin-3.4.9-1.fc15

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

phpMyAdmin Session Serialized Code Execution

'; //PHP code to execute /Settings/ /-------------------------------------------EXPLOIT CODE-------------------------------------------/ $countredirects = 0; $maxredirects = 5; //отправляем http-данные //$method = POST|GET, $url = http://site.com/path, $data = foo1=bar1&foo2=bar2, referer, cookie...

TWSL2011-019: Cross-Site Scripting Vulnerability in phpMyAdmin

Trustwave's SpiderLabs Security Advisory TWSL2011-019: Cross-Site Scripting Vulnerability in phpMyAdmin https://www.trustwave.com/spiderlabs/advisories/TWSL2011-019.txt Published: 12/22/11 Version: 1.0 Vendor: phpMyAdmin http://www.phpmyadmin.net/ Product: phpMyAdmin Version affected: 3.4.8 and...