Fedora Update for phpMyAdmin FEDORA-2014-10981

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Glype 1.4.9 - Local Address Filter Bypass

No description provided by source. ------------------------------------------------------------------------ Glype proxy local address filter bypass ------------------------------------------------------------------------ Securify, September 2014...

Fedora 19 : phpMyAdmin-4.2.8.1-2.fc19 (2014-10989)

phpMyAdmin 4.2.8.1 2014-09-13 =============================== - security DOM based XSS that results to a CSRF that creates a ROOT account in certain conditions Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...

Several vulnerabilities in extension phpMyAdmin (phpmyadmin)

It has been discovered that the extension "phpMyAdmin" phpmyadmin is susceptible to Cross-Site Scripting and Cross-Site Request Forgery. Release Date: September 26, 2014 Component Type: Third party extension. This extension is not a part of the TYPO3 default installation. Affected Versions: versi...

[SECURITY] Fedora 20 Update: phpMyAdmin-4.2.8.1-2.fc20

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

[SECURITY] Fedora 19 Update: phpMyAdmin-4.2.8.1-2.fc19

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

Mandriva Linux Security Advisory : phpmyadmin (MDVSA-2014:183)

Updated phpmyadmin package fixes security vulnerability : In phpMyAdmin before 4.2.9, by deceiving a logged-in user to click on a crafted URL, it is possible to perform remote code execution and in some cases, create a root account due to a DOM based XSS vulnerability in the micro history feature...

[SECURITY] Fedora 21 Update: phpMyAdmin-4.2.8.1-2.fc21

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

Fedora 21 : phpMyAdmin-4.2.8.1-2.fc21 (2014-10885)

phpMyAdmin 4.2.8.1 2014-09-13 =============================== - security DOM based XSS that results to a CSRF that creates a ROOT account in certain conditions Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...

openSUSE Security Update : phpMyAdmin (openSUSE-SU-2014:1150-1)

phpMyAdmin was updated to 4.1.14.4 2014-09-13 fixing bugs and security issues. - PMASA-2014-10 CVE-2014-6300, CWE-661 CWE-352 http://www.phpmyadmin.net/homepage/security/PMASA-2014- 10.php A DOM based XSS was fixed that resulted to a CSRF that creates a ROOT account in certain conditions...

MGASA-2014-0383 Updated phpmyadmin package fix CVE-2014-6300

Updated phpmyadmin package fixes security vulnerability: In phpMyAdmin before 4.1.14.4, by deceiving a logged-in user to click on a crafted URL, it is possible to perform remote code execution and in some cases, create a root account due to a DOM based XSS vulnerability in the micro history featu...

Updated phpmyadmin package fix CVE-2014-6300

Updated phpmyadmin package fixes security vulnerability: In phpMyAdmin before 4.1.14.4, by deceiving a logged-in user to click on a crafted URL, it is possible to perform remote code execution and in some cases, create a root account due to a DOM based XSS vulnerability in the micro history featu...

PhpMyAdmin REQUEST Superglobal Remote Variable Manipulation

A remote variable manipulation vulnerability has been reported in PhpMyAdmin. The vulnerability is due to insufficient validation of request parameters. A remote attacker could exploit this vulnerability by sending a malicious request to the server. Successful exploitation could result in...

PhpMyAdmin SERVER Superglobal Remote Variable Manipulation

A remote variable manipulation vulnerability has been reported in PhpMyAdmin. The vulnerability is due to insufficient validation of request parameters. A remote attacker could exploit this vulnerability by sending a malicious request to the server. Successful exploitation could result in...

phpMyAdmin 4.0.x < 4.0.10.3 / 4.1.x < 4.1.14.4 / 4.2.x < 4.2.8.1 Micro History XSS and XSRF Vulnerabilities (PMASA-2014-10)

According to its self-reported version number, the phpMyAdmin application hosted on the remote web server is 4.0.x prior to 4.0.10.3, 4.1.x prior to 4.1.14.4, or 4.2.x prior to 4.2.8.1. It is, therefore, affected by an input-validation error related to the 'micro history' feature that could allow...

FreeBSD : phpMyAdmin -- XSRF/CSRF due to DOM based XSS in the micro history feature (cc627e6c-3b89-11e4-b629-6805ca0b3d42)

The phpMyAdmin development team reports : XSRF/CSRF due to DOM based XSS in the micro history feature. By deceiving a logged-in user to click on a crafted URL, it is possible to perform remote code execution and in some cases, create a root account due to a DOM based XSS vulnerability in the micr...

PhpMyAdmin ENV Superglobal Remote Variable Manipulation (CVE-2010-3065)

A remote variable manipulation vulnerability has been reported in PhpMyAdmin. The vulnerability is due to insufficient validation of request parameters. A remote attacker could exploit this vulnerability by sending a malicious request to the server. Successful exploitation could result in...

PhpMyAdmin GLOBALS Superglobal Remote Variable Manipulation

A remote variable manipulation vulnerability has been reported in PhpMyAdmin. The vulnerability is due to insufficient validation of request parameters. A remote attacker could exploit this vulnerability by sending a malicious request to the server. Successful exploitation could result in...

XSRF/CSRF due to DOM based XSS in the micro history feature

PMASA-2014-10 Announcement-ID: PMASA-2014-10 Date: 2014-09-13 Summary XSRF/CSRF due to DOM based XSS in the micro history feature Description By deceiving a logged-in user to click on a crafted URL, it is possible to perform remote code execution and in some cases, create a root account due to a...

phpMyAdmin -- XSRF/CSRF due to DOM based XSS in the micro history feature

The phpMyAdmin development team reports: XSRF/CSRF due to DOM based XSS in the micro history feature. By deceiving a logged-in user to click on a crafted URL, it is possible to perform remote code execution and in some cases, create a root account due to a DOM based XSS vulnerability in the micro...