6026 matches found

CVE
added 2010/01/19 4:0 p.m., 93 views

CVE-2009-4605

CVE-2009-4605 concerns phpMyAdmin 2.11.x up to 2.11.9/2.11.10 setup.php where untrusted data is fed into unserialize, enabling CSRF and, in some reports, remote code execution in the web-server context. The vulnerability affects the setup script that processes (1) configuration and (2) v[0] param...

CVSS 5, AI score 6.6, EPSS 0.0047
Exploits 1, References 8, Affected Software 1
Debian CVE
added 2010/01/19 4:0 p.m., 24 views

CVE-2009-4605

scripts/setup.php (aka the setup script) in phpMyAdmin 2.11.x before 2.11.10 calls the unserialize function on the values of the (1) configuration and (2) v[0] parameters, which might allow remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors...

CVSS 5, AI score 6.4, EPSS 0.0047
Exploits 1
seebug.org
added 2010/01/19 12:0 a.m., 27 views

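phpMyAdmin Insecure File and Directory Creation Vulnerability

BUGTRAQ ID: 37826 CVE ID: CVE-2008-7251, CVE-2008-7252 phpMyAdmin is a tool written in PHP for administering MySQL over the web. phpMyAdmin created its temporary directory with world-writable permissions and used predictable file names when creating temporary files. A local or remote attacker could modify files without authorization or gain elevated privileges through a symlink attack. phpMyAdmin 2.11.x Vendor patch: phpMyAdmin ---------- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page:...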

CVSS 10, AI score 6.4, EPSS 0.0296
Exploits 1
seebug.org
added 2010/01/19 12:0 a.m., 19 views

phpMyAdmin <2.11.10 Insecure File and Directory Creation Vulnerability

No description provided by source...

AI score 7.1
Exploits 0
OpenVAS
added 2010/01/18 12:0 a.m., 50 views

phpMyAdmin Insecure Temporary File and Directory Creation Vulnerabilities

phpMyAdmin creates temporary directories and files in an insecure way. An attacker with local access could potentially exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected application. SPDX-FileCopyrightText: 2010 Greenbone AG Some text...

CVSS 10, AI score 6.4, EPSS 0.0296
Exploits 1, References 3
Tenable Nessus
added 2010/01/18 12:0 a.m., 24 views

openSUSE Security Update : phpMyAdmin (phpMyAdmin-1801)

The use of unserialize on POST data, which could have led to remote code execution (CVE-2009-4605), has been fixed, as well as some minor temporary file issues (CVE-2008-7251, CVE-2008-7252). %NASLMINLEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin wer...

CVSS 10, AI score 5.5, EPSS 0.0296
Exploits 2, References 4
phpMyAdmin
added 2010/01/15 12:0 a.m., 48 views

Unsafe usage of unserialize function.

PMASA-2010-3 Announcement-ID: PMASA-2010-3 Date: 2010-01-15 Updated: 2010-01-27 Summary Unsafe usage of unserialize function. Description phpMyAdmin used the unserialize PHP function on potentially unsafe data in setup script, what could be potentially used for XSRF attack, which can lead to code...

CVSS 5, AI score 5.8, EPSS 0.0047
Exploits 1, Affected Software 1
phpMyAdmin
added 2010/01/15 12:0 a.m., 28 views

Unsafe handling of temporary files

PMASA-2010-2 Announcement-ID: PMASA-2010-2 Date: 2010-01-15 Summary Unsafe handling of temporary files Description phpMyAdmin created temporary files with predictable file name. Severity We consider these vulnerabilities to be not critical. Affected Versions For 2.11.x: versions before 2.11.10 ar...

CVSS 10, AI score 5.7, EPSS 0.0296
Exploits 1, Affected Software 1
phpMyAdmin
added 2010/01/15 12:0 a.m., 24 views

Unsafe handling of temporary directory

PMASA-2010-1 Announcement-ID: PMASA-2010-1 Date: 2010-01-15 Summary Unsafe handling of temporary directory Description phpMyAdmin used to automatically create temporary world writable directory what could lead to possible misuse of it. Severity We consider these vulnerabilities to be not critical...

CVSS 10, AI score 5.7, EPSS 0.02533
Exploits 1, Affected Software 1
Packet Storm
added 2009/12/31 12:0 a.m., 218 views

PhpMyAdmin Config File Code Injection

$Id: phpmyadminconfig.rb 7724 2009-12-06 05:50:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

CVSS 7.5, AI score 0.1, EPSS 0.93271
Exploits 16
seebug.org
added 2009/12/21 12:0 a.m., 19 views

phpMyAdmin 2.9.1 rc1 and earlier: multiple CSRF vulnerabilities

No description provided by source...

AI score 7.1
Exploits 0
seebug.org
added 2009/12/21 12:0 a.m., 15 views

phpMyAdmin 2.6.1 and earlier: multiple cross-site scripting (XSS) vulnerabilities

No description provided by source...

AI score 7.1
Exploits 0
seebug.org
added 2009/12/21 12:0 a.m., 20 views

phpMyAdmin 2.5.5 and earlier: directory traversal vulnerability

No description provided by source...

AI score 7.1
Exploits 0
seebug.org
added 2009/12/21 12:0 a.m., 14 views

phpMyAdmin 2.2.0 and earlier: file and directory traversal vulnerability

No description provided by source...

AI score 7.1
Exploits 0
seebug.org
added 2009/12/21 12:0 a.m., 44 views

phpMyAdmin 2.7.0: global variable overwrite leading to file inclusion vulnerability

No description provided by source...

AI score 7.1
Exploits 0
seebug.org
added 2009/12/21 12:0 a.m., 13 views

phpMyAdmin 2.6.2: XSS vulnerability in the convcharset parameter

No description provided by source...

AI score 7.1
Exploits 0
seebug.org
added 2009/12/17 12:0 a.m., 19 views

phpMyAdmin before 2.6.4 Pl3: local file inclusion vulnerability

No description provided by source...

AI score 7.1
Exploits 0
seebug.org
added 2009/12/17 12:0 a.m., 14 views

phpMyAdmin before 2.6.4: multiple XSS vulnerabilities

No description provided by source...

AI score 7.1
Exploits 0
Exploit DB
added 2009/12/11 12:0 a.m., 125 views

XAMPP 1.7.2 - Change Administrative Password

Title: XAMPP 1.7.2 Change Administrative Password Date: 11/12/2009 Author: bi0 Software Link: http://www.apachefriends.org/en/xampp-windows.html Version: 1.7.2 Tested on: Windows XP / Windows Vista CVE : ...

AI score 7
Exploits 0
0day.today
added 2009/12/11 12:0 a.m., 22 views

XAMPP 1.7.2 Change Administrative Password

Exploit for unknown platform in category web applications ========================================== XAMPP 1.7.2 Change Administrative Password ========================================== Title: XAMPP 1.7.2 Change Administrative Password Date: 11/12/2009 Author: bi0 Software Link:...

AI score 7.1
Exploits 0