Fedora Core 9 FEDORA-2009-3692 (phpMyAdmin)

The remote host is missing an update to phpMyAdmin announced via advisory FEDORA-2009-3692. OpenVAS Vulnerability Test $Id: fcore20093692.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-3692 phpMyAdmin Authors: Thomas Reinke Copyright: Copyright c...

Fedora Core 10 FEDORA-2009-3700 (phpMyAdmin)

The remote host is missing an update to phpMyAdmin announced via advisory FEDORA-2009-3700. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...

Fedora Core 9 FEDORA-2009-3692 (phpMyAdmin)

The remote host is missing an update to phpMyAdmin announced via advisory FEDORA-2009-3692. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...

phpMyAdmin < 3.1.3.2 Multiple RCE (PMASA-2009-4)

Binary data 4997.prm...

CVE-2009-1285

Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files...

CVE-2009-1285

Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files...

DEBIAN-CVE-2009-1285

Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files...

CVE-2009-1285

Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files...

CVE-2009-1285

Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files...

Code injection

Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files...

CVE-2009-1285

Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files...

CVE-2009-1285

phpMyAdmin 3.x is affected by a static code injection in the getConfigFile function (setup/lib/ConfigFile.class.php) prior to 3.1.3.2, allowing remote attackers to inject arbitrary PHP into configuration files. Documented CVSS base 7.5 (HIGH) with network access and no authentication. Remediation...

CVE-2009-1285

Static code injection vulnerability in the getConfigFile function in setup/lib/ConfigFile.class.php in phpMyAdmin 3.x before 3.1.3.2 allows remote attackers to inject arbitrary PHP code into configuration files...

phpMyAdmin配置文件PHP代码注入漏洞

BUGTRAQ ID: 34526 CVECAN ID: CVE-2009-1285 phpMyAdmin是用PHP编写的工具，用于通过WEB管理MySQL。 phpMyAdmin所使用的setup脚本没有正确地过滤配置参数，如果远程攻击者向服务器提交了恶意的POST请求，就可以在所生成的配置文件中注入任意PHP代码。 phpMyAdmin phpMyAdmin 3.x phpMyAdmin phpMyAdmin 2.11.x phpMyAdmin ---------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

phpMyAdmin Setup Script Configuration Parameters Arbitrary PHP Code Injection (PMASA-2009-4)

The setup script included with the version of phpMyAdmin installed on the remote host does not properly sanitize user-supplied input before using it to generate a config file for the application. This version is affected by the following vulnerabilities : - The setup script inserts the unsanitize...

phpMyAdmin setup.php save Action Arbitrary PHP Code Injection (PMASA-2009-3)

The setup script included with the version of phpMyAdmin installed on the remote host does not properly sanitize user-supplied input to several variables before using them to generate a config file for the application. Using specially crafted POST requests, an unauthenticated, remote attacker may...

phpMyAdmin 'CVE-2009-1285' Configuration File PHP Code Injection Vulnerability

According to its version number, the remote version of phpMyAdmin is prone to a remote PHP code-injection vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

FreeBSD : phpmyadmin -- insufficient output sanitizing when generating configuration file (1a0e4cc6-29bf-11de-bdeb-0030843d3802)

phpMyAdmin Team reports : Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file. Combined with ability to save files on server, this can allow unauthenticated users to execute arbitrary PHP code. This...

Fedora 9 : phpMyAdmin-3.1.3.2-1.fc9 (2009-3692)

Improvements for 3.1.3.2: - security Insufficient output sanitizing when generating configuration file http://www.phpmyadmin.net/homepage/security/PMASA-2009-4.php Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...

[SECURITY] Fedora 10 Update: phpMyAdmin-3.1.3.2-1.fc10

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats a nd ...