CVE-2014-9218

CVE-2014-9218 affects phpMyAdmin 4.0.x < 4.0.10.7, 4.1.x < 4.1.14.8, and 4.2.x

CVE-2014-9219

CVE-2014-9219 affects phpMyAdmin 4.2.x up to 4.2.13.1, where the redirection mechanism in url.php uses the parameter url and escapes it with htmlspecialchars in a JavaScript context. This improper escaping can allow a remote attacker to craft a link that executes arbitrary HTML/JS in the victim’s...

CVE-2014-9218

libraries/common.inc.php in phpMyAdmin 4.0.x before 4.0.10.7, 4.1.x before 4.1.14.8, and 4.2.x before 4.2.13.1 allows remote attackers to cause a denial of service resource consumption via a long password...

CVE-2014-9219

Cross-site scripting XSS vulnerability in the redirection feature in url.php in phpMyAdmin 4.2.x before 4.2.13.1 allows remote attackers to inject arbitrary web script or HTML via the url parameter...

phpMyAdmin 4.0.x < 4.0.10.7 / 4.1.x < 4.1.14.8 / 4.2.x < 4.2.13.1 DoS (PMASA-2014-17)

Binary data 8592.prm...

phpMyAdmin 4.2.x < 4.2.13.1 XSS (PMASA-2014-18)

Binary data 8591.prm...

Multiple vulnerabilities in extension phpMyAdmin (phpmyadmin)

It has been discovered that the extension "phpMyAdmin" phpmyadmin is susceptible to Cross-Site Scripting, Denial of Service and Local File Inclusion. Release Date: December 8, 2014 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected...

phpMyAdmin 4.0.x < 4.0.10.7 / 4.1.x < 4.1.14.8 / 4.2.x < 4.2.13.1 Multiple Vulnerabilities (PMASA-2014-17 - PMASA-2014-18)

According to its self-reported version number, the phpMyAdmin application hosted on the remote web server is 4.0.x prior to 4.0.10.7, 4.1.x prior to 4.1.14.8, or 4.2.x prior to 4.2.13.1. It is, therefore, affected by the following vulnerabilities : - A flaw exists in handling overly long password...

Fedora 21 : phpMyAdmin-4.2.12-1.fc21 (2014-15588)

phpMyAdmin 4.2.12.0 2014-11-20 ================================ - Blank/white page when JavaScript disabled - Multi row actions cause full page reloads - ReferenceError: targeurl is not defined - Incorrect text/icon display in Tracking report - Recordset return from procedure display nothing - Ed...

[SECURITY] Fedora 21 Update: phpMyAdmin-4.2.12-1.fc21

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

openSUSE Security Update : phpMyAdmin (openSUSE-SU-2014:1561-1)

phpMyAdmin was updated to fix four security issues. For openSUSE 12.3 and 13.1, phpMyAdmin was updated to 4.1.14.7. For openSUSE 13.2, phpMyAdmin was updated to to 4.2.12. These security issues were fixed : - XSS vulnerability in error reporting functionality CVE-2014-8960. - Local file inclusion...

Updated phpmyadmin package fixes CVE-2014-9218

Updated phpmyadmin package fixes security vulnerabilities: In phpMyAdmin before 4.1.14.8, with very long passwords it was possible to initiate a denial of service attack on phpMyAdmin CVE-2014-9218...

FreeBSD : phpMyAdmin -- XSS and DoS vulnerabilities (c9c46fbf-7b83-11e4-a96e-6805ca0b3d42)

The phpMyAdmin development team reports : DoS vulnerability with long passwords. With very long passwords it was possible to initiate a denial of service attack on phpMyAdmin. We consider this vulnerability to be serious. This vulnerability can be mitigated by configuring throttling in the...

phpMyAdmin -- XSS and DoS vulnerabilities

The phpMyAdmin development team reports: DoS vulnerability with long passwords. With very long passwords it was possible to initiate a denial of service attack on phpMyAdmin. We consider this vulnerability to be serious. This vulnerability can be mitigated by configuring throttling in the...

XSS vulnerability in redirection mechanism.

PMASA-2014-18 Announcement-ID: PMASA-2014-18 Date: 2014-12-03 Summary XSS vulnerability in redirection mechanism. Description With a crafted URL it was possible to trigger an XSS in the redirection mechanism in phpMyAdmin. Severity We consider this vulnerability to be non critical. Affected...

DoS vulnerability with long passwords.

PMASA-2014-17 Announcement-ID: PMASA-2014-17 Date: 2014-12-03 Summary DoS vulnerability with long passwords. Description With very long passwords it was possible to initiate a denial of service attack on phpMyAdmin. Severity We consider this vulnerability to be serious. Mitigation factor This...

Fedora 20 : phpMyAdmin-4.2.12-1.fc20 (2014-15538)

phpMyAdmin 4.2.12.0 2014-11-20 ================================ - Blank/white page when JavaScript disabled - Multi row actions cause full page reloads - ReferenceError: targeurl is not defined - Incorrect text/icon display in Tracking report - Recordset return from procedure display nothing - Ed...

Fedora 19 : phpMyAdmin-4.2.12-1.fc19 (2014-15535)

phpMyAdmin 4.2.12.0 2014-11-20 ================================ - Blank/white page when JavaScript disabled - Multi row actions cause full page reloads - ReferenceError: targeurl is not defined - Incorrect text/icon display in Tracking report - Recordset return from procedure display nothing - Ed...

Fedora Update for phpMyAdmin FEDORA-2014-15538

Check the version of phpMyAdmin SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868533";...

Fedora Update for phpMyAdmin FEDORA-2014-15535

Check the version of phpMyAdmin SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868529";...