
6026 matches found

Fedora
added 2013/05/09 6:59 p.m. | 34 views

[SECURITY] Fedora 19 Update: phpMyAdmin-3.5.8.1-1.fc19

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, indexes, users, permissions, while you still have the ability to directly...

CVSS 6 | AI score 1.3 | EPSS 0.64584 | Exploits 16

Fedora
added 2013/05/09 10:10 a.m. | 35 views

[SECURITY] Fedora 18 Update: phpMyAdmin-3.5.8.1-1.fc18

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, indexes, users, permissions, while you still have the ability to directly...

CVSS 6 | AI score 1.3 | EPSS 0.64584 | Exploits 16

Fedora
added 2013/05/09 9:58 a.m. | 25 views

[SECURITY] Fedora 17 Update: phpMyAdmin-3.5.8.1-1.fc17

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, indexes, users, permissions, while you still have the ability to directly...

CVSS 6 | AI score 1.3 | EPSS 0.64584 | Exploits 16

securityvulns
added 2013/05/06 12:00 a.m. | 97 views

[waraxe-2013-SA#103] - Multiple Vulnerabilities in phpMyAdmin

waraxe-2013-SA103 - Multiple Vulnerabilities in phpMyAdmin | Author: Janek Vind "waraxe" | Date: 25. April 2013 | Location: Estonia, Tartu | Web: http://www.waraxe.us/advisory-103.html | Description of vulnerable software:...

CVSS 6.5 | AI score 0.1 | EPSS 0.64584 | Exploits 18

securityvulns
added 2013/05/06 12:00 a.m. | 86 views

[ MDVSA-2013:160 ] phpmyadmin

Mandriva Linux Security Advisory MDVSA-2013:160 | http://www.mandriva.com/en/support/security/ | Package: phpmyadmin | Date: May 3, 2013 | Affected: Business Server 1.0 | Problem Description: Updated phpmyadmin package fixes security vulnerabilities: In some...

CVSS 6 | AI score 6.3 | EPSS 0.64584 | Exploits 16

securityvulns
added 2013/05/06 12:00 a.m. | 111 views

[waraxe-2013-SA#102] - Reflected XSS in phpMyAdmin 3.5.7

waraxe-2013-SA102 - Reflected XSS in phpMyAdmin 3.5.7 | Author: Janek Vind "waraxe" | Date: 09. April 2013 | Location: Estonia, Tartu | Web: http://www.waraxe.us/advisory-102.html | Description of vulnerable software: phpMyAdmi...

AI score 6.2 | Exploits 0

Tenable Nessus
added 2013/05/04 12:00 a.m. | 43 views

Mandriva Linux Security Advisory : phpmyadmin (MDVSA-2013:160)

Updated phpmyadmin package fixes security vulnerabilities: In some PHP versions, the preg_replace() function can be tricked into executing arbitrary PHP code on the server. This is done by passing a crafted argument as the regular expression, containing a null byte. phpMyAdmin does not correctly...

CVSS 6 | AI score 7.4 | EPSS 0.64584 | Exploits 16 | References 2

Tenable Nessus
added 2013/05/02 12:00 a.m. | 37 views

phpMyAdmin 3.5.x < 3.5.8.1 / 4.x < 4.0.0-rc3 Multiple Vulnerabilities (PMASA-2013-2 - PMASA-2013-5)

According to its self-identified version number, the phpMyAdmin 3.5.x / 4.0.0 install hosted on the remote web server is earlier than 3.5.8.1 / 4.0.0-rc3 and is, therefore, affected by multiple vulnerabilities: - The 'preg_replace' fails to properly sanitize arguments, which can be used to for...

CVSS 6.5 | AI score 7 | EPSS 0.64584 | Exploits 18 | References 9

Exploit DB
added 2013/05/01 12:00 a.m. | 61 views

phpMyAdmin - 'preg_replace' (Authenticated) Remote Code Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'phpMyAdmin Authenticated Remote Code...

CVSS 6 | AI score 6.6 | EPSS 0.64584 | Exploits 14

0day.today
added 2013/04/30 12:00 a.m. | 105 views

phpMyAdmin Authenticated Remote Code Execution Vulnerability

This Metasploit module exploits a PREG_REPLACE_EVAL vulnerability in phpMyAdmin's replace_prefix_tbl within libraries/mult_submits.inc.php via db_settings.php. This affects versions 3.5.x below 3.5.8.1 and 4.0.0 below 4.0.0-rc3. PHP versions greater than 5.4.6 are not vulnerable. This file is part of t...

CVSS 6 | AI score 0.7 | EPSS 0.64584 | Exploits 14

Packet Storm
added 2013/04/29 12:00 a.m. | 57 views

phpMyAdmin Authenticated Remote Code Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'phpMyAdmin Authenticated Remote Code...

CVSS 6 | AI score 0.5 | EPSS 0.64584 | Exploits 14

seebug.org
added 2013/04/28 12:00 a.m. | 62 views

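phpMyAdmin preg_replace() Remote PHP Code Execution

BUGTRAQ ID: 59460 CVE(CAN) ID: CVE-2013-3238 phpMyAdmin is a web-based administration tool for MySQL databases; its main features include creating tables online, running SQL statements, searching and querying data, and importing and exporting data. In phpMyAdmin 3.5.8, 4.0.0-rc2 and other versions, the preg_replace function can be exploited to execute arbitrary PHP code on the server side. The attacker passes a crafted argument as the regular expression, with a null byte inside the expression; when phpMyAdmin uses the "Replace table prefix" feature, it incorrectly filters the crafted argument passed to preg_replace. This leads to execution of arbitrary PHP code in the context of the web server. 0...

CVSS 6 | AI score 6.2 | EPSS 0.64584 | Exploits 14

seebug.org
added 2013/04/28 12:00 a.m. | 64 views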

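phpMyAdmin 'filename_template' Remote Code Execution (CVE-2013-3239)

BUGTRAQ ID: 59465 CVE(CAN) ID: CVE-2013-3239 phpMyAdmin is a web-based administration tool for MySQL databases; its main features include creating tables online, running SQL statements, searching and querying data, and importing and exporting data. In phpMyAdmin 3.5.x and 4.x, when a SaveDir directory is configured, a remote authenticated user can execute arbitrary code by using a double extension in the filename of an export file, which causes the Apache HTTP Server to interpret the file as executable. For example: a .php.sql filename. 0 phpMyAdmin 3.x phpMyAdmin 3.5.x Vendor patch: phpMyAdmin ----------...

CVSS 4.6 | AI score 6.2 | EPSS 0.12333 | Exploits 7

seebug.org
added 2013/04/28 12:00 a.m. | 29 views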

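phpMyAdmin 'what' Parameter Local File Inclusion Vulnerability

BUGTRAQ ID: 59462 CVE(CAN) ID: CVE-2013-3240 phpMyAdmin is a web-based administration tool for MySQL databases; its main features include creating tables online, running SQL statements, searching and querying data, and importing and exporting data. The Export feature in phpMyAdmin versions before 4.0.0-rc3 has a directory traversal vulnerability; a remote authenticated user can exploit it by specifying a crafted export type parameter to include arbitrary files, leading to arbitrary code execution. Php script "export.php" line 20: ------------------------ source code start...

CVSS 6.5 | AI score 0.8 | EPSS 0.04055 | Exploits 5

seebug.org
added 2013/04/28 12:00 a.m. | 47 views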

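phpMyAdmin '$GLOBALS' Array Unauthorized Access Vulnerability (CVE-2013-3241)

BUGTRAQ ID: 59461 CVE(CAN) ID: CVE-2013-3241 phpMyAdmin is a web-based administration tool for MySQL databases; its main features include creating tables online, running SQL statements, searching and querying data, and importing and exporting data. export.php in phpMyAdmin versions before 4.0.0-rc3 overwrites global variables based on the contents of the POST superglobal array; a remote authenticated user can exploit this with a crafted request to inject arbitrary values. Php script "export.php" line 20: ------------------------ source code start...

CVSS 4 | AI score 6.5 | EPSS 0.03369 | Exploits 5

Metasploit
added 2013/04/26 2:42 p.m. | 82 views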

phpMyAdmin Authenticated Remote Code Execution via preg_replace()

This module exploits a PREG_REPLACE_EVAL vulnerability in phpMyAdmin's replace_prefix_tbl within libraries/mult_submits.inc.php via db_settings.php. This affects versions 3.5.x below 3.5.8.1 and 4.0.0 below 4.0.0-rc3. PHP versions greater than 5.4.6 are not vulnerable. This module requires Metasploit: https://metasploit.com/download Current source:...

CVSS 6 | AI score 7 | EPSS 0.64584 | Exploits 14

NVD
added 2013/04/26 3:34 a.m. | 23 views

CVE-2013-3241

export.php aka the export script in phpMyAdmin 4.x before 4.0.0-rc3 overwrites global variables on the basis of the contents of the POST superglobal array, which allows remote authenticated users to inject values via a crafted request...

CVSS 4 | AI score 5.8 | EPSS 0.03369 | Exploits 5 | References 2

OSV
added 2013/04/26 3:34 a.m. | 6 views

CVE-2013-3239

phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable file by the Apache HTT...

AI score 7 | Exploits 0 | References 11

NVD
added 2013/04/26 3:34 a.m. | 19 views

CVE-2013-3238

phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3 allows remote authenticated users to execute arbitrary code via a /e\x00 sequence, which is not properly handled before making a preg_replace function call within the "Replace table prefix" feature...

CVSS 6 | AI score 6.5 | EPSS 0.64584 | Exploits 14 | References 11

NVD
added 2013/04/26 3:34 a.m. | 23 views

CVE-2013-3239

phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable file by the Apache HTT...

CVSS 4.6 | AI score 6.6 | EPSS 0.12333 | Exploits 7 | References 10