phpMyAdmin 3.4.x < 3.4.6 XSS (PMASA-2011-16)

The version of phpMyAdmin hosted on the remote server is 3.4.x prior to 3.4.6 and is affected by a cross-site scripting vulnerability. The 'Servers-0-verbose' parameter is not properly sanitized by methods in 'libraries/config/ConfigFile.class.php' as called by the script 'setup/index.php'...

phpmyadmin 3.4.6 setup.php 跨站脚本漏洞

No description provided by source...

phpMyAdmin Setup接口跨站脚本漏洞

Bugtraq ID: 50175 CVE ID：CVE-2011-4064 phpMyAdmin是一款基于PHP的MySQL管理程序。 部分传递给setup.php的输入在返回用户之前缺少过滤，攻击者构建恶意链接，诱使用户解析，可导致恶意脚本在目标用户浏览器上执行，可获得目标用户敏感信息或劫持用户会话。 如果存在配置目录并可写，那么XSS负载可保存在此目录中。 phpMyAdmin 3.x 厂商解决方案 phpMyAdmin 3.4.6已经修复此漏洞，建议用户下载使用： http://www.phpmyadmin.net/ !/usr/bin/env python coding:...

Multiple vulnerabilities in extension phpMyAdmin (phpmyadmin)

It has been discovered that the extension phpMyAdmin phpmyadmin is vulnerable to Cross-Site Scripting and Full Path Disclosure. Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: Version 4.11.5 and below Vulnerability Type:...

phpMyAdmin Information Disclosure Vulnerability (PMASA-2011-15) - Active Check

phpMyAdmin is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

XSS in setup.

PMASA-2011-16 Announcement-ID: PMASA-2011-16 Date: 2011-10-17 Summary XSS in setup. Description Crafted values entered in the setup interface can produce XSS; also, if the config directory exists and is writeable, the XSS payload can be saved to this directory. Severity We consider this...

Path disclosure due to insufficient url parameter validation.

PMASA-2011-15 Announcement-ID: PMASA-2011-15 Date: 2011-10-17 Summary Path disclosure due to insufficient url parameter validation. Description When the jsframe parameter of phpmyadmin.css.php is defined as an array, an error message shows the full path of this file, leading to possible further...

WineHQ database compromise - One More Linux Project Fail

WineHQ database compromise - One More Linux Project Fail Jeremy White, Codeweavers Founder has announced that access to the WineHQ database has been compromised. "On the one hand, we saw no evidence of harm to any database. We saw no evidence of any attempt to change the database and candidly,...

PhpMyAdmin of 3. x Swekey remote code injection vulnerability and fix-vulnerability warning-the black bar safety net

? php echo phpsapiname!==' cli'?'& lt;/pre':"; ifphpsapiname==='cli' if! isset$argv1 output" Usage\n ".$ argv0." "; killme; $pmaurl = $argv1; else $pmaurl = isset$REQUEST'url'?$ REQUEST'url':"; $code = 'foreach$GET as $k=$vif$k==="eval"eval$v;'; $cookie = null; $token = null; if!...

Fedora 16 : phpMyAdmin-3.4.5-1.fc16 (2011-12905)

Changes for 3.4.5.0 2011-09-14 : - interface Page list in navigation frame looks odd - interface Error div misplaced - interface Comment on a column breaks inline editing - display Order by a column in a view doesn't work in some cases - interface Add missing space to server status - core Remove...

phpMyAdmin 3.4.x < 3.4.5 XSS (PMASA-2011-14)

The version of phpMyAdmin on the remote host is 3.4.x prior to 3.4.5. This version is affected by multiple cross-site scripting vulnerabilities: - The data used in the row content display after inline editing is not properly sanitized before it is passed back to the browser. - The data passed in ...

[SECURITY] Fedora 16 Update: phpMyAdmin-3.4.5-1.fc16

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

Fedora Update for phpMyAdmin FEDORA-2011-12918

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for phpMyAdmin FEDORA-2011-12918

Check for the Version of phpMyAdmin OpenVAS Vulnerability Test Fedora Update for phpMyAdmin FEDORA-2011-12918 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

Fedora Update for phpMyAdmin FEDORA-2011-12928

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for phpMyAdmin FEDORA-2011-12928

Check for the Version of phpMyAdmin OpenVAS Vulnerability Test Fedora Update for phpMyAdmin FEDORA-2011-12928 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

Fedora 15 : phpMyAdmin-3.4.5-1.fc15 (2011-12928)

Changes for 3.4.5.0 2011-09-14 : - interface Page list in navigation frame looks odd - interface Error div misplaced - interface Comment on a column breaks inline editing - display Order by a column in a view doesn't work in some cases - interface Add missing space to server status - core Remove...

Fedora 14 : phpMyAdmin-3.4.5-1.fc14 (2011-12918)

Changes for 3.4.5.0 2011-09-14 : - interface Page list in navigation frame looks odd - interface Error div misplaced - interface Comment on a column breaks inline editing - display Order by a column in a view doesn't work in some cases - interface Add missing space to server status - core Remove...

[SECURITY] Fedora 15 Update: phpMyAdmin-3.4.5-1.fc15

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

[SECURITY] Fedora 14 Update: phpMyAdmin-3.4.5-1.fc14

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...