6026 matches found
CVE-2011-0987
The PMABookmarkget function in libraries/bookmark.lib.php in phpMyAdmin 2.11.x before 2.11.11.3, and 3.3.x before 3.3.9.2, does not properly restrict bookmark queries, which makes it easier for remote authenticated users to trigger another user's execution of a SQL query by creating a bookmark...
CVE-2011-0986
phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence of the 1 README, 2 ChangeLog, and 3 LICENSE files, which allows remote attackers to obtain the installation path via a direct request for a nonexistent file...
DEBIAN-CVE-2011-0986
phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence of the 1 README, 2 ChangeLog, and 3 LICENSE files, which allows remote attackers to obtain the installation path via a direct request for a nonexistent file...
Path traversal
phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence of the 1 README, 2 ChangeLog, and 3 LICENSE files, which allows remote attackers to obtain the installation path via a direct request for a nonexistent file...
CVE-2011-0986
phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence of the 1 README, 2 ChangeLog, and 3 LICENSE files, which allows remote attackers to obtain the installation path via a direct request for a nonexistent file...
CVE-2011-0987
The PMABookmarkget function in libraries/bookmark.lib.php in phpMyAdmin 2.11.x before 2.11.11.3, and 3.3.x before 3.3.9.2, does not properly restrict bookmark queries, which makes it easier for remote authenticated users to trigger another user's execution of a SQL query by creating a bookmark...
Design/Logic Flaw
The PMABookmarkget function in libraries/bookmark.lib.php in phpMyAdmin 2.11.x before 2.11.11.3, and 3.3.x before 3.3.9.2, does not properly restrict bookmark queries, which makes it easier for remote authenticated users to trigger another user's execution of a SQL query by creating a bookmark...
CVE-2011-0986
phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence of the 1 README, 2 ChangeLog, and 3 LICENSE files, which allows remote attackers to obtain the installation path via a direct request for a nonexistent file...
CVE-2011-0986
phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence of the 1 README, 2 ChangeLog, and 3 LICENSE files, which allows remote attackers to obtain the installation path via a direct request for a nonexistent file...
CVE-2011-0986
phpMyAdmin 2.11.x before 2.11.11.2, and 3.3.x before 3.3.9.1, does not properly handle the absence of the 1 README, 2 ChangeLog, and 3 LICENSE files, which allows remote attackers to obtain the installation path via a direct request for a nonexistent file...
CVE-2011-0987
The CVE-2011-0987 issue affects phpMyAdmin 2.11.x before 2.11.11.3 and 3.3.x before 3.3.9.2. The PMA_Bookmark_get function does not properly restrict bookmark queries, allowing remote authenticated users to trigger another user’s SQL query execution by creating a bookmark. Exploitation details in...
CVE-2011-0987
The PMABookmarkget function in libraries/bookmark.lib.php in phpMyAdmin 2.11.x before 2.11.11.3, and 3.3.x before 3.3.9.2, does not properly restrict bookmark queries, which makes it easier for remote authenticated users to trigger another user's execution of a SQL query by creating a bookmark...
CVE-2011-0986
CVE-2011-0986 affects phpMyAdmin: versions 2.11.x before 2.11.11.2 and 3.3.x before 3.3.9.1, where the software mishandles missing README, ChangeLog, and LICENSE files. This enables remote attackers to discover the installation path by directly requesting a nonexistent file. Impact described as i...
CVE-2011-0987
The PMABookmarkget function in libraries/bookmark.lib.php in phpMyAdmin 2.11.x before 2.11.11.3, and 3.3.x before 3.3.9.2, does not properly restrict bookmark queries, which makes it easier for remote authenticated users to trigger another user's execution of a SQL query by creating a bookmark...
[ MDVSA-2011:026 ] phpmyadmin
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:026 http://www.mandriva.com/security/ Package : phpmyadmin Date : February 14, 2011 Affected: Corporate 4.0, Enterprise Server 5.0 Problem Description: Multiple vulnerabilities were discovered and corrected ...
FreeBSD : phpMyAdmin -- multiple vulnerabilities (cd68ff50-362b-11e0-ad36-00215c6a37bb)
phpMyAdmin team reports : It was possible to create a bookmark which would be executed unintentionally by other users. When the files README, ChangeLog or LICENSE have been removed from their original place possibly by the distributor, the scripts used to display these files can show their full...
SQL query could be executed under another user.
PMASA-2011-2 Announcement-ID: PMASA-2011-2 Date: 2011-02-11 Summary SQL query could be executed under another user. Description It was possible to create a bookmark which would be executed unintentionally by other users. Severity We consider this vulnerability to be critical. Mitigation factor To...
Path disclosure when some files have been removed.
PMASA-2011-1 Announcement-ID: PMASA-2011-1 Date: 2011-02-08 Summary Path disclosure when some files have been removed. Description When the files README, ChangeLog or LICENSE have been removed from their original place possibly by the distributor, the scripts used to display these files can show...
phpMyAdmin -- multiple vulnerabilities
phpMyAdmin team reports: It was possible to create a bookmark which would be executed unintentionally by other users. When the files README, ChangeLog or LICENSE have been removed from their original place possibly by the distributor, the scripts used to display these files can show their full...
phpMyAdmin 3.4.x Stored Cross Site Scripting
=================================================================================== phpMyAdmin 3.4.x, 3.4.0 beta 2 = Stored Cross Site Scripting XSS Vulnerability =================================================================================== 1. OVERVIEW The phpMyAdmin web application 3.4.0...