FreeBSD : phpMyAdmin -- reCaptcha bypass (3904f759-5659-11e5-a207-6805ca0b3d42)

The phpMyAdmin development team reports : This vulnerability allows to complete the reCaptcha test and subsequently perform a brute-force attack to guess user credentials without having to complete further reCaptcha tests. We consider this vulnerability to be non critical since reCaptcha is an...

Vulnerability that allows bypassing the reCaptcha test

PMASA-2015-4 Announcement-ID: PMASA-2015-4 Date: 2015-09-08 Summary Vulnerability that allows bypassing the reCaptcha test Description This vulnerability allows to complete the reCaptcha test and subsequently perform a brute force attack to guess user credentials without having to complete furthe...

phpMyAdmin -- reCaptcha bypass

The phpMyAdmin development team reports: This vulnerability allows to complete the reCaptcha test and subsequently perform a brute force attack to guess user credentials without having to complete further reCaptcha tests. We consider this vulnerability to be non critical since reCaptcha is an...

金碟UE学堂phpmyadmin越权访问

简要描述： 详细说明： http://kdued.kingdee.com/phpmyadmin/index.php 可以直接访问 造成大量用户账号信息的泄漏 漏洞证明：...

Fedora Update for phpMyAdmin FEDORA-2015-8190

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for phpMyAdmin FEDORA-2015-3287

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : phpMyAdmin (openSUSE-2015-466)

phpMyAdmin was updated to 4.2.13.3 to fix three security issues. The following vulnerabilities were fixed : - CVE-2015-3902: CSRF vulnerability in setup PMASA-2015-2, boo930992 - CVE-2015-3903: Vulnerability allowing man-in-the-middle attack PMASA-2015-3, boo930993 - CVE-2015-2206: Risk of BREACH...

Fedora Update for phpMyAdmin FEDORA-2015-8267

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for phpMyAdmin FEDORA-2015-8274

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

phpMyAdmin Multiple Vulnerabilities -01 (Jun 2015)

phpMyAdmin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpmyadmin:phpmyadmin";...

GLSA-201505-03 : phpMyAdmin: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201505-03 phpMyAdmin: Multiple vulnerabilities Multiple vulnerabilities have been discovered in phpMyAdmin. Please review the CVE identifiers referenced below for details. Impact : A remote authenticated attacker could exploit the...

phpMyAdmin: Multiple vulnerabilities

Background phpMyAdmin is a web-based management tool for MySQL databases. Description Multiple vulnerabilities have been discovered in phpMyAdmin. Please review the CVE identifiers referenced below for details. Impact A remote authenticated attacker could exploit these vulnerabilities to include...

Fedora 22 : phpMyAdmin-4.4.6.1-1.fc22 (2015-8190)

phpMyAdmin 4.4.6.1 2015-05-13 =============================== - security CSRF vulnerability in setup - security Vulnerability allowing man-in-the-middle attack Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...

CVE-2015-3903

libraries/Config.class.php in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 disables X.509 certificate verification for GitHub API calls over SSL, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information...

CVE-2015-3903

libraries/Config.class.php in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 disables X.509 certificate verification for GitHub API calls over SSL, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information...

CVE-2015-3902

Multiple cross-site request forgery CSRF vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configurati...

CVE-2015-3903

libraries/Config.class.php in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 disables X.509 certificate verification for GitHub API calls over SSL, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information...

Design/Logic Flaw

libraries/Config.class.php in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 disables X.509 certificate verification for GitHub API calls over SSL, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information...

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configurati...

CVE-2015-3902

Multiple cross-site request forgery CSRF vulnerabilities in the setup process in phpMyAdmin 4.0.x before 4.0.10.10, 4.2.x before 4.2.13.3, 4.3.x before 4.3.13.1, and 4.4.x before 4.4.6.1 allow remote attackers to hijack the authentication of administrators for requests that modify the configurati...