PT-2021-17188 · Php +1 · Phpmyadmin +1

Name of the Vulnerable Software and Affected Versions: henriquedornas version 5.2.17 Description: An information disclosure issue exists because an attacker can dump phpMyAdmin SQL content. Third parties report that this is a site-specific problem. Recommendations: For henriquedornas version...

GLSA-202101-35 : phpMyAdmin: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202101-35 phpMyAdmin: Multiple vulnerabilities Multiple vulnerabilities have been discovered in phpMyAdmin. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for...

phpMyAdmin: Multiple vulnerabilities

Background phpMyAdmin is a web-based management tool for MySQL databases. Description Multiple vulnerabilities have been discovered in phpMyAdmin. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is n...

phpMyAdmin 4.9.0 < 4.9.6 / 5.0.0 < 5.0.3 Multiple Vulnerabilities (PMASA-2020-5, PMASA-2020-6)

According to its self-reported version, the phpMyAdmin application hosted on the remote web server is 4.9.x prior to 4.9.6 or 5.0.x prior to 5.0.3. It is, therefore, affected by multiple vulnerabilities. - phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the transformation feature...

phpMyAdmin 4.9.0 < 4.9.5 / 5.0.0 < 5.0.2 Multiple Vulnerabilities (PMASA-2020-2, PMASA-2020-3, PMASA-2020-4)

According to its self-reported version, the phpMyAdmin application hosted on the remote web server is 4.9.x prior to 4.9.5 or 5.0.x prior to 5.0.2. It is, therefore, affected by multiple vulnerabilities. - In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was foun...

phpMyAdmin 4.0.0 < 4.0.10.12 / 4.4.0 < 4.4.15.2 / 4.5.0 < 4.5.3.1 Information Disclosure (PMASA-2015-6)

According to its self-reported version, the phpMyAdmin application hosted on the remote web server is 4.0.x prior to 4.0.10.12, 4.4.x prior to 4.4.15.2, or 4.5.x prior to 4.5.3.1. It is, therefore, affected by an information disclosure vulnerability: - libraries/config/messages.inc.php in...

phpMyAdmin 4.4.0 < 4.4.15.1 / 4.5.0 < 4.5.1 Content Spoofing (PMASA-2015-5)

According to its self-reported version, the phpMyAdmin application hosted on the remote web server is 4.4.x prior to 4.4.15.1 or 4.5.x prior to 4.5.1. It is, therefore, affected by a content spoofing vulnerability. - The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1 and 4.5.x...

phpMyAdmin 4.0.x < 4.0.10.15 / 4.4.x < 4.4.15.5 / 4.5.x < 4.5.5.1 Multiple Vulnerabilities

According to its self-reported version, the phpMyAdmin application hosted on the remote web server is 4.0.x prior to 4.0.10.15, 4.4.x prior to 4.4.15.5, or 4.5.x prior to 4.5.5.1. It is, therefore, affected by multiple vulnerabilities. - Cross-site scripting XSS vulnerability in the format functi...

phpMyAdmin 4.0.x < 4.0.10.18 / 4.4.x < 4.4.15.9 / 4.6.x < 4.6.5 Multiple Vulnerabilities

According to its self-reported version, the phpMyAdmin application hosted on the remote web server is 4.0.x prior to 4.0.10.18, 4.4.x prior to 4.4.15.9, or 4.6.x prior to 4.6.5. It is, therefore, affected by multiple vulnerabilities. - An issue was discovered in phpMyAdmin. When the user does not...

Arbitrary Code Execution

phpMyAdmin is vulnerable to arbitrary code execution. The application does not escape certain Git information in libraries/classes/Display/GitRevision.php and libraries/classes/Footer.php, allowing an attacker to execute arbitrary code in the context of the server...

phpMyAdmin 4.0.0 < 4.0.10.17 / 4.4.0 < 4.4.15.8 / 4.6.0 < 4.6.4 Multiple Vulnerabilities

"According to its self-reported version, the phpMyAdmin application hosted on the remote web server is 4.0.x prior to 4.0.10.17, 4.4.x prior to 4.4.15.8, or 4.6.x prior to 4.6.4. It is, therefore, affected by multiple vulnerabilities. - An issue was discovered in cookie encryption in phpMyAdmin...

Vulnerabilities fixed in PHPMyAdmin

Ubuntu has fixed several vulnerabilities in the phpmyadmin package. The vulnerabilities allow an unauthenticated malicious party potentially able to launch attacks that lead to the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS SQL Injection Access to...

phpMyAdmin 4.7.x < 4.7.7 XSRF (PMASA-2017-9)

According to its self-reported version, the phpMyAdmin application hosted on the remote web server is 4.7.x prior to 4.7.7. It is, therefore, affected by a cross-site request forgery XSRF vulnerability. An unauthenticated, remote attacker can exploit this, by deceiving a user to click on a crafte...

phpMyAdmin 4.3.x < 4.7.8 XSS (PMASA-2018-1)

According to its self-reported version, the phpMyAdmin application hosted on the remote web server is 4.7.x prior to 4.7.8. Versions since 4.3 are also affected, but they are no longer supported. It is, therefore, affected by a cross-site scripting XSS vulnerability in dbcentralcolumns.php. A...

Ubuntu: Security Advisory (USN-4639-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4639-1: phpMyAdmin vulnerabilities

It was discovered that there was a bug in the way phpMyAdmin handles the phpMyAdmin Configuration Storage tables. An authenticated attacker could use this vulnerability to cause phpmyAdmin to leak sensitive files. CVE-2018-19968 It was discovered that phpMyAdmin incorrectly handled user input. An...

USN-4639-1 phpmyadmin vulnerabilities

It was discovered that there was a bug in the way phpMyAdmin handles the phpMyAdmin Configuration Storage tables. An authenticated attacker could use this vulnerability to cause phpmyAdmin to leak sensitive files. CVE-2018-19968 It was discovered that phpMyAdmin incorrectly handled user input. An...

Ubuntu 18.04 LTS : phpMyAdmin vulnerabilities (USN-4639-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4639-1 advisory. It was discovered that there was a bug in the way phpMyAdmin handles the phpMyAdmin Configuration Storage tables. An authenticated attacker could use thi...

Multiple vulnerabilities in extension "phpMyAdmin" (phpmyadmin)

Multiple vulnerabilities have been found in the phpMyAdmin component...

phpMyAdmin <= 5.1.1 CSV Injection Vulnerability - Windows

phpMyAdmin is prone to a CSV injection vulnerability via Export Section. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...