DEBIAN-CVE-2010-3055

The configuration setup script aka scripts/setup.php in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request...

CVE-2010-3055

The configuration setup script aka scripts/setup.php in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request...

CVE-2010-3055

The configuration setup script aka scripts/setup.php in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 2.11.x before 2.11.10.1 and 3.x before 3.3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 dbsearch.php, 2 dbsql.php, 3 dbstructure.php, 4 js/messages.php, 5 libraries/common.lib.php, 6...

Cross site request forgery (csrf)

The configuration setup script aka scripts/setup.php in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request...

CVE-2010-3056

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 2.11.x before 2.11.10.1 and 3.x before 3.3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 dbsearch.php, 2 dbsql.php, 3 dbstructure.php, 4 js/messages.php, 5 libraries/common.lib.php, 6...

CVE-2010-3056

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 2.11.x before 2.11.10.1 and 3.x before 3.3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 dbsearch.php, 2 dbsql.php, 3 dbstructure.php, 4 js/messages.php, 5 libraries/common.lib.php, 6...

CVE-2010-3055

The configuration setup script aka scripts/setup.php in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request...

CVE-2010-3055

The configuration setup script aka scripts/setup.php in phpMyAdmin 2.11.x before 2.11.10.1 does not properly restrict key names in its output file, which allows remote attackers to execute arbitrary PHP code via a crafted POST request...

CVE-2010-3056

The CVE-2010-3056 family affects phpMyAdmin (2.11.x up to 2.11.10.1 and 3.x up to 3.3.5.1; with 3.x prior to 3.3.6 noted in advisories). Root cause: insufficient input sanitisation leading to cross-site scripting (XSS) via multiple vectors and related issues in libraries/common code and setup pat...

CVE-2010-3056

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 2.11.x before 2.11.10.1 and 3.x before 3.3.5.1 allow remote attackers to inject arbitrary web script or HTML via vectors related to 1 dbsearch.php, 2 dbsql.php, 3 dbstructure.php, 4 js/messages.php, 5 libraries/common.lib.php, 6...

CVE-2010-3055

CVE-2010-3055 affects phpMyAdmin 2.11.x before 2.11.10.1. The configuration setup script (scripts/setup.php) does not properly restrict key names in its output file, enabling a remote attacker to execute arbitrary PHP code via a crafted POST request. The issue, with a CVSS v2 base score of 7.5 (H...

[SECURITY] Fedora 14 Update: phpMyAdmin-3.3.5.1-1.fc14

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges, export data into various formats and ...

Fedora 14 : phpMyAdmin-3.3.5.1-1.fc14 (2010-13402)

Changes for 3.3.5.1 2010-10-20 - core Fixed various XSS issues, see PMASA-2010-5 for more details. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

Fedora Update for phpMyAdmin FEDORA-2010-13249

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for phpMyAdmin FEDORA-2010-13258

Check for the Version of phpMyAdmin OpenVAS Vulnerability Test Fedora Update for phpMyAdmin FEDORA-2010-13258 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

Fedora Update for phpMyAdmin FEDORA-2010-13249

Check for the Version of phpMyAdmin OpenVAS Vulnerability Test Fedora Update for phpMyAdmin FEDORA-2010-13249 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

Fedora Update for phpMyAdmin FEDORA-2010-13258

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

phpMyAdmin Closes Code Execution Holes

The phpMyAdmin developers have announced the release of version 3.3.5.1 and 2.11.10.1 of their database administration tool, security updates that fix one critical and several serious vulnerabilities. Read the full article. The H Security...

FreeBSD : phpmyadmin -- Several XSS vulnerabilities (274922b8-ad20-11df-af1f-00e0814cab4e)

phpMyAdmin Team reports : It was possible to conduct a XSS attack using crafted URLs org POST parameters on several pages. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-20...