phpMyAdmin262XSS.txt

========================================================== Title: phpMyAdmin Cross-site Scripting Vulnerability Application: phpMyAdmin Vendor: http://www.phpmyadmin.net Vulnerable Versions: References: http://www.arrelnet.com/advisories/adv20050403.html...

GLSA-200504-08 : phpMyAdmin: XSS vulnerability

The remote host is affected by the vulnerability described in GLSA-200504-08 phpMyAdmin: XSS vulnerability Oriol Torrent Santiago has discovered that phpMyAdmin fails to validate input to the 'convcharset' variable, rendering it vulnerable to cross-site scripting attacks. Impact : By sending a...

XAMPP - Insecure Default Password Disclosure

XAMPP - Insecure Default Password Disclosure source: https://www.securityfocus.com/bid/13131/info An insecure default password disclosure vulnerability affects XAMPP. This issue is due to a failure of the application to properly secure access to default passwords. An attacker may leverage this...

XAMPP - Insecure Default Password Disclosure

source: https://www.securityfocus.com/bid/13131/info An insecure default password disclosure vulnerability affects XAMPP. This issue is due to a failure of the application to properly secure access to default passwords. An attacker may leverage this issue to gain access to the default passwords f...

phpMyAdmin: Cross-site scripting vulnerability

Background phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL databases from a web-browser. Description Oriol Torrent Santiago has discovered that phpMyAdmin fails to validate input to the "convcharset" variable, rendering it vulnerable to cross-site scripting...

CVE-2005-0992

Summary: CVE-2005-0992 is an XSS in phpMyAdmin’s index.php via the convcharset parameter. The NVD entry lists a base score of 4.3 (MEDIUM) with network access, no confidentiality impact, but partial integrity impact and no availability impact. Connected OpenVAS entries tie the vulnerability to ph...

CVE-2005-0992

Cross-site scripting XSS vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter...

phpMyAdmin Cross-site Scripting Vulnerability

========================================================== Title: phpMyAdmin Cross-site Scripting Vulnerability Application: phpMyAdmin Vendor: http://www.phpmyadmin.net Vulnerable Versions: =2.6.2-beta1 Corrected: phpMyAdmin versions after 2.6.2-beta1 Bug: Cross-site Scripting Date: 3-Apr-2005...

phpMyAdmin index.php convcharset Parameter XSS

The installed version of phpMyAdmin suffers from a cross-site scripting vulnerability due to its failure to sanitize user input to the 'convcharset' parameter of the 'index.php' script. A remote attacker may use these vulnerabilities to cause arbitrary code to be executed in a user's browser to...

phpMyAdmin < 2.6.2-RC1 RCE

Binary data 2787.prm...

[SA14799] phpMyAdmin &quot;convcharset&quot; Cross-Site Scripting Vulnerability

---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: phpMyAdmin "convcharset" Cross-Site Scripting...

phpmyadmin -- cross site scripting vulnerability

A phpMyAdmin security announcement reports: The convcharset parameter was not correctly validated, opening the door to a XSS attack...

phpMyAdmin 2.x - Convcharset Cross-Site Scripting

phpMyAdmin 2.x - Convcharset Cross-Site Scripting source: https://www.securityfocus.com/bid/12982/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input to the 'convcharset' parameter. phpMyAdmin versions prior to 2.6.2-rc1 are...

phpMyAdmin 2.x - Convcharset Cross-Site Scripting

source: https://www.securityfocus.com/bid/12982/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input to the 'convcharset' parameter. phpMyAdmin versions prior to 2.6.2-rc1 are affected by this issue...

Cross-Site Scripting vulnerability

PMASA-2005-3 Announcement-ID: PMASA-2005-3 Date: 2005-04-03 Summary Cross-Site Scripting vulnerability Description We received a security advisory from Oriol Torrent Santiago and we wish to thank him for his work and report. The convcharset parameter was not correctly validated, opening the door ...

[SA14599] phpMyAdmin &quot;_&quot; Wildcard Permissions Security Bypass

---------------------------------------------------------------------- Monitor, Filter, and Manage Security Information - Filtering and Management of Secunia advisories - Overview, documentation, and detailed reports - Alerting via email and SMS Request Trial: https://ca.secunia.com/?f=l...

CVE-2005-0653

phpMyAdmin 2.6.1 does not properly grant permissions on tables with an underscore in the name, which grants remote authenticated users more privileges than intended...

CVE-2005-0653

phpMyAdmin 2.6.1 does not properly grant permissions on tables with an underscore in the name, which grants remote authenticated users more privileges than intended...

CVE-2005-0653

CVE-2005-0653 affects phpMyAdmin 2.6.1 and concerns improper permission handling on tables whose names contain an underscore. The vulnerability allows remote authenticated users to obtain more privileges than intended for those tables, with a CVSSv2 base score of 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)....

GLSA-200503-07 : phpMyAdmin: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200503-07 phpMyAdmin: Multiple vulnerabilities phpMyAdmin contains several security issues: Maksymilian Arciemowicz has discovered multiple variable injection vulnerabilities that can be exploited through '$cfg' and 'GLOBALS'...