Debian DLA-336-1 : phpmyadmin security update

Several issues have been fixed in phpMyAdmin, the web administration tool for MySQL. CVE-2014-8958 Multiple cross-site scripting XSS vulnerabilities. CVE-2014-9218 Denial of service resource consumption via a long password. CVE-2015-2206 Risk of BREACH attack due to reflected parameter...

[SECURITY] [DLA 336-1] phpmyadmin security update

Package : phpmyadmin Version : 4:3.3.7-9 CVE ID : CVE-2014-8958 CVE-2014-9218 CVE-2015-2206 CVE-2015-3902 Several issues have been fixed in phpMyAdmin, the web administration tool for MySQL. CVE-2014-8958 Multiple cross-site scripting XSS vulnerabilities. CVE-2014-9218 Denial of service resource...

[SECURITY] [DSA 3382-1] phpmyadmin security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3382-1 [email protected] https://www.debian.org/security/ Thijs Kinkhorst October 28, 2015 https://www.debian.org/security/faq -...

CVE-2015-7873

The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1 and 4.5.x before 4.5.1 allows remote attackers to spoof content via the url parameter...

CVE-2015-7873

The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1 and 4.5.x before 4.5.1 allows remote attackers to spoof content via the url parameter...

CVE-2015-7873

The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1 and 4.5.x before 4.5.1 allows remote attackers to spoof content via the url parameter...

Authentication flaw

The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1 and 4.5.x before 4.5.1 allows remote attackers to spoof content via the url parameter...

UBUNTU-CVE-2015-7873

The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1 and 4.5.x before 4.5.1 allows remote attackers to spoof content via the url parameter...

CVE-2015-7873

The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1 and 4.5.x before 4.5.1 allows remote attackers to spoof content via the url parameter...

CVE-2015-7873

CVE-2015-7873 affects phpMyAdmin's redirect feature in url.php, enabling content spoofing via the url parameter in affected 4.4.x and 4.5.x branches. Root cause: the url.php redirect logic allows an attacker to steer victims to an external or spoofed page, potentially misleading users. Affected v...

CVE-2015-7873

The redirection feature in url.php in phpMyAdmin 4.4.x before 4.4.15.1 and 4.5.x before 4.5.1 allows remote attackers to spoof content via the url parameter...

Debian Security Advisory DSA 3382-1 (phpmyadmin - security update)

Several issues have been fixed in phpMyAdmin, the web administration tool for MySQL. CVE-2014-8958 Wheezy only Multiple cross-site scripting XSS vulnerabilities. CVE-2014-9218 Wheezy only Denial of service resource consumption via a long password. CVE-2015-2206 Risk of BREACH attack due to...

DLA-336-1 phpmyadmin - security update

Bulletin has no description...

DSA-3382-1 phpmyadmin - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3382-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD : phpMyAdmin -- Content spoofing vulnerability (08d11134-79c5-11e5-8987-6805ca0b3d42)

The phpMyAdmin development team reports : This vulnerability allows an attacker to perform a content spoofing attack using the phpMyAdmin's redirection mechanism to external sites. We consider this vulnerability to be non critical since the spoofed content is escaped and no HTML injection is...

Content spoofing vulnerability when redirecting user to an external site

PMASA-2015-5 Announcement-ID: PMASA-2015-5 Date: 2015-10-23 Summary Content spoofing vulnerability when redirecting user to an external site Description This vulnerability allows an attacker to perform a content spoofing attack using the phpMyAdmin's redirection mechanism to external sites...

phpMyAdmin -- Content spoofing vulnerability

The phpMyAdmin development team reports: This vulnerability allows an attacker to perform a content spoofing attack using the phpMyAdmin's redirection mechanism to external sites. We consider this vulnerability to be non critical since the spoofed content is escaped and no HTML injection is...

Zpanel - Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/phpexe' require 'nokogiri' require 'uri' class Metasploit3 'Zpanel Remote Unauthenticated RCE', 'Description' = %q This modul...

Mageia: Security Advisory (MGASA-2015-0366)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...