6026 matches found
FreeBSD : phpmyadmin -- XSS Vulnerability (85b0bbc8-a7a5-11dd-8283-001c2514716c)
SecurityFocus reports : phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This m...
Fedora 9 : phpMyAdmin-3.0.1.1-1.fc9 (2008-9316)
This update by upstream to phpMyAdmin 3.0.1.1 solves CVE-2008-4775, a XSS issue in pmdpdf.php via db parameter when registerglobals is enabled. - GUI SQL error after sorting a subset - lang Catalan update - lang Russian update - import Temporary uploaded file not deleted - auth Cannot create...
Fedora 8 : phpMyAdmin-3.0.1.1-1.fc8 (2008-9336)
This update by upstream to phpMyAdmin 3.0.1.1 solves CVE-2008-4775, a XSS issue in pmdpdf.php via db parameter when registerglobals is enabled. - GUI SQL error after sorting a subset - lang Catalan update - lang Russian update - import Temporary uploaded file not deleted - auth Cannot create...
[SECURITY] Fedora 8 Update: phpMyAdmin-3.0.1.1-1.fc8
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats a nd ...
[SECURITY] Fedora 9 Update: phpMyAdmin-3.0.1.1-1.fc9
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats a nd ...
phpMyAdmin pmd_pdf.php Cross Site Scripting Vulnerability
phpMyAdmin is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
XSS on a Designer component
PMASA-2008-9 Announcement-ID: PMASA-2008-9 Date: 2008-10-30 Summary XSS on a Designer component Description A logged-in user can be subject of cross site scripting attack via the pmdpdf.php script. Severity We consider this vulnerability to be serious. Affected Versions For 2.11.x: versions befor...
phpmyadmin -- Cross-Site Scripting Vulnerability
SecurityFocus reports: phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This ma...
CVE-2008-4775
Cross-site scripting XSS vulnerability in pmdpdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when registerglobals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and...
CVE-2008-4775
Cross-site scripting XSS vulnerability in pmdpdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when registerglobals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and...
DEBIAN-CVE-2008-4775
Cross-site scripting XSS vulnerability in pmdpdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when registerglobals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and...
Cross site scripting
Cross-site scripting XSS vulnerability in pmdpdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when registerglobals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and...
CVE-2008-4775
Cross-site scripting XSS vulnerability in pmdpdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when registerglobals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and...
CVE-2008-4775
Cross-site scripting XSS vulnerability in pmdpdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when registerglobals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and...
CVE-2008-4775
CVE-2008-4775 is an XSS in phpMyAdmin’s pmd_pdf.php (db parameter) that affects phpMyAdmin 3.0.0 and earlier (and potentially 2.11.9.2, 3.0.1) when register_globals is on. Root cause: improper handling of the db parameter leading to script/HTML injection. Impact: remote attacker can inject arbitr...
CVE-2008-4775
Cross-site scripting XSS vulnerability in pmdpdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when registerglobals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and...
XSS in phpMyadmin
Author : Hadi Kiamarsi ------------------------------------------- Discovered by : Hadi Kiamarsi ------------------------------------------- Exploited By : Hadi Kiamarsi ------------------------------------------- E-Mail : hadikiamarsiathotmail.com ------------------------------------------- web...
phpMyAdmin 'pmd_pdf.php'跨站脚本漏洞
BUGTRAQ ID: 31928 CNCAN ID:CNCAN-2008102804 phpMyAdmin是一款基于WEB的MySQL管理程序。 phpMyAdmin 'pmdpdf.php'不正确处理用户输入,远程攻击者可以利用漏洞进行跨站脚本攻击,获得敏感信息。 'pmdpdf.php'脚本不正确处理用户提交给'db'参数的数据,提交恶意脚本代码作为参数,并诱使用户访问,可导致获得目标用户敏感信息。 phpMyAdmin 3.0.1 phpMyAdmin 3.0 目前没有解决方案提供: http://www.phpmyadmin.net/...
phpMyAdmin 3.0.1 - 'pmd_pdf.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/31928/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context...
phpmyadminall-xss.txt
Author : Hadi Kiamarsi ------------------------------------------- Discovered by : Hadi Kiamarsi ------------------------------------------- Exploited By : Hadi Kiamarsi ------------------------------------------- E-Mail : hadikiamarsiathotmail.com ------------------------------------------- web...