Fedora 16 : phpMyAdmin-3.5.3-1.fc16 (2012-15725)

phpMyAdmin 3.5.3.0 2012-10-08 =============================== - interface Browse mode 'Show' button gives blank page if no results anymore - interface Copy Database Ajax feedback vanishes long before copying is done - interface GC-maxlifetime warning incorrectly displayed - interface Search fails...

[SECURITY] Fedora 17 Update: phpMyAdmin-3.5.3-1.fc17

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

[SECURITY] Fedora 16 Update: phpMyAdmin-3.5.3-1.fc16

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

CVE-2012-5368

phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained through an HTTP session to phpmyadmin.net without SSL, which allows man-in-the-middle attackers to conduct cross-site scripting XSS attacks by modifying this code...

CVE-2012-5339

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted name of 1 an event, 2 a procedure, or 3 a trigger...

CVE-2012-5368

phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained through an HTTP session to phpmyadmin.net without SSL, which allows man-in-the-middle attackers to conduct cross-site scripting XSS attacks by modifying this code...

Cross site scripting

phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained through an HTTP session to phpmyadmin.net without SSL, which allows man-in-the-middle attackers to conduct cross-site scripting XSS attacks by modifying this code...

CVE-2012-5339

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted name of 1 an event, 2 a procedure, or 3 a trigger...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted name of 1 an event, 2 a procedure, or 3 a trigger...

CVE-2012-5339

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted name of 1 an event, 2 a procedure, or 3 a trigger...

CVE-2012-5339

CVE-2012-5339 concerns phpMyAdmin 3.5.x before 3.5.3, with multiple XSS flaws that allow remote authenticated users to inject arbitrary script via crafted names of (1) an event, (2) a procedure, or (3) a trigger. The affected product/version is phpMyAdmin 3.5.x prior to 3.5.3; advisories indicate...

CVE-2012-5368

phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained through an HTTP session to phpmyadmin.net without SSL, which allows man-in-the-middle attackers to conduct cross-site scripting XSS attacks by modifying this code...

CVE-2012-5339

Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.3 allow remote authenticated users to inject arbitrary web script or HTML via a crafted name of 1 an event, 2 a procedure, or 3 a trigger...

CVE-2012-5368

CVE-2012-5368 affects phpMyAdmin 3.5.x before 3.5.3. An underlying root cause is that the JavaScript code loaded from phpmyadmin.net over non-SSL sessions can be modified in transit, enabling cross-site scripting (XSS) via MITM. Exploitation details are not provided in the documents. The practica...

CVE-2012-5368

phpMyAdmin 3.5.x before 3.5.3 uses JavaScript code that is obtained through an HTTP session to phpmyadmin.net without SSL, which allows man-in-the-middle attackers to conduct cross-site scripting XSS attacks by modifying this code...

Oracle database to bypass login authentication-vulnerability warning-the black bar safety net

And a while back that phpmyadmin to bypass the verification is somewhat similar. An attacker can exploit this vulnerability to bypass authentication process and gain unauthorized access to the database. 1. --coding:utf8 -- 2. 3. import hashlib 4. from Crypto. Cipher import AES 5. 6. def...

phpMyAdmin 3.5.x < 3.5.3 Multiple Vulnerabilities (PMASA-2012-6 - PMASA-2012-7)

According to its self-identified version number, the phpMyAdmin 3.5.x install hosted on the remote web server is earlier than 3.5.3 and is, therefore, affected by multiple vulnerabilities : - When creating or modifying a trigger, event, or procedure with a crafted name, it is possible for a user ...

FreeBSD Ports: phpMyAdmin

The remote host is missing an update to the system as announced in the referenced advisory. VID ef417da3-1640-11e2-999b-e0cb4e266481 OpenVAS Vulnerability Test $ Description: Auto generated from VID ef417da3-1640-11e2-999b-e0cb4e266481 Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

FreeBSD Ports: phpMyAdmin

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

phpMyAdmin 3.5. x HTML injection vulnerability-vulnerability warning-the black bar safety net

Vulnerability version: phpMyAdmin 3.5. x Vulnerability description: Bugtraq ID:5 5 9 2 5 CVE ID:CVE-2 0 1 2-5 3 3 9 phpMyAdmin is a PHP-based MySQL management program. phpMyAdmin Trigger, Procedure and Event pages not correctly escape HTML output, use the special name creating/modifying a trigger...