4627 matches found
Self-XSS due to unescaped HTML output in navigation items hiding feature.
PMASA-2014-3 Announcement-ID: PMASA-2014-3 Date: 2014-06-20 Summary Self-XSS due to unescaped HTML output in navigation items hiding feature. Description When hiding or unhiding a crafted table name in the navigation, it is possible to trigger an XSS. Severity We consider this vulnerability to be...
openSUSE Security Update : phpMyAdmin (openSUSE-SU-2012:1062-1)
phpMyAdmin was updated to 3.5.2.2 - fix for bnc776698, bnc776701 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-535. The text description of this plugin is C SUSE LLC...
openSUSE Security Update : phpMyAdmin (openSUSE-SU-2012:0494-1)
update to 3.4.10.2 - security Fixed local path disclosure vulnerability, see PMASA-2012-2 http://www.phpmyadmin.net/homepage/security/PMASA-2012- 2.php %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...
openSUSE Security Update : phpMyAdmin (openSUSE-SU-2012:1507-1)
This update of phpMyAdmin is a version upgrade to 3.5.3.0 to fix multiple XSS flaws. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-790. The text description of this plugin is C...
openSUSE Security Update : phpMyAdmin (openSUSE-2012-18)
update to 3.4.9 - bug 3442028 edit Inline editing enum fields with null shows no dropdown - bug 3442004 interface DB suggestion not correct for user with underscore - bug 3438420 core Magic quotes removed in PHP 5.4 - bug 3398788 session No feedback when result is empty signon authtype - bug...
openSUSE Security Update : phpMyAdmin (openSUSE-2011-14)
update to 3.4.7.1 fix for bnc728243 - security Fixed possible local file inclusion in XML import CVE-2011-4107, see PMASA-2011-17 http://www.phpmyadmin.net/homepage/security/PMASA-2011- 17.php %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...
openSUSE Security Update : phpMyAdmin (openSUSE-2011-94)
update to 3.4.8 - bug 3425230 interface enum data split at space char more space to edit - bug 3426840 interface ENUM/SET editor can't handle commas in values - bug 3427256 interface no links to browse/empty views and tables - bug 3430377 interface Deleted search results remain visible - bug...
openSUSE Security Update : phpMyAdmin (openSUSE-SU-2013:1343-1)
This version upgrade of phpMyAdmin fixed various security issues SQL injection, XSS, full path disclosure, Clickjacking %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2013-647. The...
[ MDVSA-2014:046 ] phpmyadmin
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2014:046 http://www.mandriva.com/en/support/security/ Package : phpmyadmin Date : February 21, 2014 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A vulnerability has been discovered an...
PhpMyAdmin exploits concludes With Metasploit-vulnerability warning-the black bar safety net
A: affects versions: 3.5. x 3.5.8.1 and 4.0.0 4.0.0-rc3 Overview: PhpMyAdmin presence of a PREGREPLACEEVAL vulnerability Use module: exploit/multi/http/phpmyadminpregreplace CVE: CVE-2 0 1 3-3 2 3 8 II: effects version: phpMyAdmin v3. 5. 2. 2 Overview: PhpMyAdmin存在serversync.php Backdoor...
XAMPP跨站脚本和跨站请求伪造漏洞
Bugtraq ID:66680 XAMPP(Apache+MySQL+PHP+PERL)是一个建 XAMPP 软件站集成软件包。 XAMPP存在跨站脚本和跨站请求伪造漏洞,允许攻击者利用漏洞获取敏感信息,劫持用户会话或允许远程攻击者构建恶意URI,诱使用户解析,可以目标用户上下文执行恶意操作。 0 XAMPP & phpMyAdmin = 4.1.6 目前没有详细解决方案: http://www.apachefriends.org/en...
XAMPP 3.2.1 & phpMyAdmin 4.1.6 - Multiple Vulnerabilities (XSS & CSRF)
phpMyAdmin version 4.1.6 with XAMPP version 3.2.1 installed suffers from cross site request forgery and cross site scripting vulnerabilities. Title: XAMPP 3.2.1 & phpMyAdmin 4.1.6 "' in the url resulting in a reflected cross site scripting attack. The file...
XAMPP 3.2.1 phpMyAdmin 4.1.6 - Multiple Vulnerabilities
XAMPP 3.2.1 phpMyAdmin 4.1.6 - Multiple Vulnerabilities Title: XAMPP 3.2.1 & phpMyAdmin 4.1.6 = multiple vulnerabilities Date: 6/04/2014 Author: hackerDesk Software Link: http://www.apachefriends.org/en/xampp-windows.html Version: 3.2.1 & 4.1.6 Tested on: Windows 7 CVE : kuDos tO: Mayank...
XAMPP 3.2.1 & phpMyAdmin 4.1.6 - Multiple Vulnerabilities
Title: XAMPP 3.2.1 & phpMyAdmin 4.1.6 = multiple vulnerabilities Date: 6/04/2014 Author: hackerDesk Software Link: http://www.apachefriends.org/en/xampp-windows.html Version: 3.2.1 & 4.1.6 Tested on: Windows 7 CVE : kuDos tO: Mayank Kapoor@wHys0SerI0s Sujoy Chakravarti@sujoy3188, Gurjant Singh...
XAMPP 3.2.1 / phpMyAdmin 4.1.6 XSS / CSRF
Title: XAMPP 3.2.1 & phpMyAdmin 4.1.6 = multiple vulnerabilities Date: 6/04/2014 Author: Software Link: http://www.apachefriends.org/en/xampp-windows.html Version: 3.2.1 & 4.1.6 Tested on: Windows 7 CVE : ██░ ██ ▄▄▄ ▄████▄ ██ ▄█▀▓█████ ██▀███ ▓█████▄ ▓█████ ██████ ██ ▄█▀ ▓██░ ██▒▒████▄ ▒██▀ ▀█...
plexusCMS 0.5 - Cross-Site Scripting Remote Shell Credentials Leak
plexusCMS 0.5 - Cross-Site Scripting Remote Shell Credentials Leak Exploit Title: plexusCMS 0.5 XSS Remote Shell Exploit Google Dork: allinurl: plx-storage Date: 22.02.2013 Exploit Author: neglomaniac Vendor Homepage: http://plexus-cms.org/ Version: 0.5 --- FILES backdoor.php simple commend execu...
Web servers PHPMyAdmin Misconfiguration Code Injection
A code injection vulnerability has been reported in PHPMyAdmin. The vulnerability is due to PHPMyAdmin misconfiguration. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP request to the target...
phpMyAdmin 3.3.1 - 4.1.6 XSS
Binary data 8151.prm...
phpMyAdmin 3.5.x - 4.0.x < 4.0.5 'Header.class.php' Clickjacking Bypass
Binary data 8150.prm...
phpMyAdmin 3.5.x < 3.5.8.2 / 4.0.x < 4.0.4.2 Multiple Vulnerabilities
Binary data 8144.prm...