6017 matches found
CVE-2005-0544
CVE-2005-0544 concerns phpMyAdmin 2.6.1. The affected component is phpMyAdmin’s web interface, where direct requests to 15 internal library/ini files (e.g., sqlvalidator.lib.php, select_lang.lib.php, setup.php, cookie.auth.lib.php, etc.) can trigger error messages that leak the server’s full path...
CVE-2005-0543
Cross-site scripting XSS vulnerability in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary HTML and web script via 1 the strServer, cfgBgcolorOne, or strServerChoice parameters in selectserver.lib.php, 2 the bgcolor or rowno parameters in displaytbllinks.lib.php, the leftfontfamily...
DEBIAN-CVE-2005-0543
Cross-site scripting XSS vulnerability in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary HTML and web script via 1 the strServer, cfgBgcolorOne, or strServerChoice parameters in selectserver.lib.php, 2 the bgcolor or rowno parameters in displaytbllinks.lib.php, the leftfontfamily...
CVE-2005-0543
Cross-site scripting XSS vulnerability in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary HTML and web script via 1 the strServer, cfgBgcolorOne, or strServerChoice parameters in selectserver.lib.php, 2 the bgcolor or rowno parameters in displaytbllinks.lib.php, the leftfontfamily...
phpMyAdmin 2.6 - 'display_tbl_links.lib.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/12644/info Multiple remote cross-site scripting vulnerabilities affect phpMyAdmin. These issues are due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web content. An attacker may...
phpMyAdmin 2.6 - display_tbl_links.lib.php Multiple Cross-Site Scripting Vulnerabilities
phpMyAdmin 2.6 - displaytbllinks.lib.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/12644/info Multiple remote cross-site scripting vulnerabilities affect phpMyAdmin. These issues are due to a failure of the application to properly sanitize user-suppli...
phpMyAdmin 2.6 - select_server.lib.php Multiple Cross-Site Scripting Vulnerabilities
phpMyAdmin 2.6 - selectserver.lib.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/12644/info Multiple remote cross-site scripting vulnerabilities affect phpMyAdmin. These issues are due to a failure of the application to properly sanitize user-supplied...
[SA14382] phpMyAdmin Local File Inclusion and Cross-Site Scripting
TITLE: phpMyAdmin Local File Inclusion and Cross-Site Scripting SECUNIA ADVISORY ID: SA14382 VERIFY ADVISORY: http://secunia.com/advisories/14382/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Exposure of sensitive information WHERE: From remote SOFTWARE: phpMyAdmin 2.x...
phpMyAdmin 2.6 - theme_left.css.php Multiple Cross-Site Scripting Vulnerabilities
phpMyAdmin 2.6 - themeleft.css.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/12644/info Multiple remote cross-site scripting vulnerabilities affect phpMyAdmin. These issues are due to a failure of the application to properly sanitize user-supplied inp...
phpMyAdmin 2.6 - Multiple Local File Inclusions
phpMyAdmin 2.6 - Multiple Local File Inclusions source: https://www.securityfocus.com/bid/12645/info phpMyAdmin is affected by multiple local file include vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it in a PHP...
phpMyAdmin 2.6 - 'select_server.lib.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/12644/info Multiple remote cross-site scripting vulnerabilities affect phpMyAdmin. These issues are due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web content. An attacker may...
phpMyAdmin 2.6 - Multiple Local File Inclusions
source: https://www.securityfocus.com/bid/12645/info phpMyAdmin is affected by multiple local file include vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it in a PHP 'include', 'require', 'require-once', or similar...
phpMyAdmin 2.6 - 'theme_right.css.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/12644/info Multiple remote cross-site scripting vulnerabilities affect phpMyAdmin. These issues are due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web content. An attacker may...
phpMyAdmin 2.6 - 'theme_left.css.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/12644/info Multiple remote cross-site scripting vulnerabilities affect phpMyAdmin. These issues are due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web content. An attacker may...
phpMyAdmin 2.6 - theme_right.css.php Multiple Cross-Site Scripting Vulnerabilities
phpMyAdmin 2.6 - themeright.css.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/12644/info Multiple remote cross-site scripting vulnerabilities affect phpMyAdmin. These issues are due to a failure of the application to properly sanitize user-supplied...
phpmyadmin -- information disclosure vulnerability
A phpMyAdmin security announcement reports: By calling some scripts that are part of phpMyAdmin in an unexpected way especially scripts in the libraries subdirectory, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin...
phpmyadmin -- arbitrary file include and XSS vulnerabilities
A phpMyAdmin security announcement reports: We received two bug reports by Maksymilian Arciemowicz about those vulnerabilities and we wish to thank him for his work. The vulnerabilities apply to those points: css/phpmyadmin.css.php was vulnerable against $cfg and GLOBALS variable injections. This...
CVE-2005-0459
phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct request to selectlang.lib.php, which reveals the path in a PHP error message...
CVE-2005-0459
phpMyAdmin 2.6.2-dev, and possibly earlier versions, allows remote attackers to determine the full path of the web root via a direct request to selectlang.lib.php, which reveals the path in a PHP error message...
CVE-2005-0459
CVE-2005-0459 affects phpMyAdmin 2.6.2-dev (and possibly earlier) and allows remote attackers to discover the full web-root path by requesting select_lang.lib.php, causing a PHP error message that reveals the path. The vulnerability is due to error output disclosing the filesystem path; no exploi...