FreeBSD : phpMyAdmin -- Content spoofing vulnerability (08d11134-79c5-11e5-8987-6805ca0b3d42)

The phpMyAdmin development team reports : This vulnerability allows an attacker to perform a content spoofing attack using the phpMyAdmin's redirection mechanism to external sites. We consider this vulnerability to be non critical since the spoofed content is escaped and no HTML injection is...

phpMyAdmin -- Content spoofing vulnerability

The phpMyAdmin development team reports: This vulnerability allows an attacker to perform a content spoofing attack using the phpMyAdmin's redirection mechanism to external sites. We consider this vulnerability to be non critical since the spoofed content is escaped and no HTML injection is...

Content spoofing vulnerability when redirecting user to an external site

PMASA-2015-5 Announcement-ID: PMASA-2015-5 Date: 2015-10-23 Summary Content spoofing vulnerability when redirecting user to an external site Description This vulnerability allows an attacker to perform a content spoofing attack using the phpMyAdmin's redirection mechanism to external sites...

Zpanel - Remote Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/phpexe' require 'nokogiri' require 'uri' class Metasploit3 'Zpanel Remote Unauthenticated RCE', 'Description' = %q This modul...

Mageia: Security Advisory (MGASA-2015-0366)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : phpMyAdmin (openSUSE-2015-629)

phpMyAdmin was updated to the latest supported upstream release 4.4.14. Besides all upstream bug fixes and improvements, it fixes the following vulnerability : - CVE-2015-6830: reCaptcha bypass boo945420 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks ...

Zpanel Remote Unauthenticated RCE

This module exploits an information disclosure vulnerability in ZPanel. The vulnerability is due to a vulnerable version of pChart used by ZPanel that allows unauthenticated users to read arbitrary files remotely on the file system. This particular module utilizes this vulnerability to identify t...

Gentoo Security Advisory GLSA 201505-03

Gentoo Linux Local Security Checks GLSA 201505-03 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Gentoo Security Advisory GLSA 201311-02

Gentoo Linux Local Security Checks GLSA 201311-02 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Fedora 23 : phpMyAdmin-4.4.14.1-1.fc23 (2015-15384)

phpMyAdmin 4.4.14.1 2015-09-08 ================================ - security reCaptcha bypass Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...

[SECURITY] Fedora 23 Update: phpMyAdmin-4.4.14.1-1.fc23

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

phpMyAdmin 4.3.x < 4.3.13.2 / 4.4.x < 4.4.14.1 reCaptcha Bypass (PMASA-2015-4)

According to its self-reported version number, the phpMyAdmin application hosted on the remote web server is 4.3.x prior to 4.3.13.2 or 4.4.x prior to 4.4.14.1. It is, therefore, affected by a security bypass vulnerability related to reCaptcha processing. An unauthenticated, remote attacker can...

phpMyAdmin Security Bypass Vulnerability

phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. A security vulnerability in the libraries/plugins/auth/AuthenticationCookie.class.php script in phpMyAdmin versions 4.3.13.2 prior to 4.3.x and 4.4.14.1 prior to 4.4.x can be exploited by a remote...

DEBIAN-CVE-2015-6830

libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 allows remote attackers to bypass a multiple-reCaptcha protection mechanism against brute-force credential guessing by providing a correct response to a single reCaptcha...

CVE-2015-6830

libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 allows remote attackers to bypass a multiple-reCaptcha protection mechanism against brute-force credential guessing by providing a correct response to a single reCaptcha...

CVE-2015-6830

libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 allows remote attackers to bypass a multiple-reCaptcha protection mechanism against brute-force credential guessing by providing a correct response to a single reCaptcha...

CVE-2015-6830

libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 allows remote attackers to bypass a multiple-reCaptcha protection mechanism against brute-force credential guessing by providing a correct response to a single reCaptcha...

UBUNTU-CVE-2015-6830

libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 allows remote attackers to bypass a multiple-reCaptcha protection mechanism against brute-force credential guessing by providing a correct response to a single reCaptcha...

Design/Logic Flaw

libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 allows remote attackers to bypass a multiple-reCaptcha protection mechanism against brute-force credential guessing by providing a correct response to a single reCaptcha...

EUVD-2022-5294

libraries/plugins/auth/AuthenticationCookie.class.php in phpMyAdmin 4.3.x before 4.3.13.2 and 4.4.x before 4.4.14.1 allows remote attackers to bypass a multiple-reCaptcha protection mechanism against brute-force credential guessing by providing a correct response to a single reCaptcha...