phpMyAdmin < 2.6.1 pl2 Libraries and Themes Multiple XSS

The installed version of phpMyAdmin suffers from multiple cross-site scripting vulnerabilities due to its failure to sanitize user input in several PHP scripts used as libraries and themes. A remote attacker may use these issues to cause arbitrary code to be executed in a user's browser, to steal...

[SECURITYREASON.COM] phpMyAdmin 2.6.1 Remote file inclusion and XSS cXIb8O3.4

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 phpMyAdmin 2.6.1 Remote file inclusion and XSS cXIb8O3.4 Author: Maksymilian Arciemowicz cXIb8O3 Date: 24.2.2005 - --- 0.Description --- phpMyAdmin 2.6.1 is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently i...

phpMyAdmin Detection

The remote host is running phpMyAdmin, a web-based MySQL administration tool written in PHP. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17219; scriptversion"1.29"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/06/01";...

CVE-2005-0543

Cross-site scripting XSS vulnerability in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary HTML and web script via 1 the strServer, cfgBgcolorOne, or strServerChoice parameters in selectserver.lib.php, 2 the bgcolor or rowno parameters in displaytbllinks.lib.php, the leftfontfamily...

CVE-2005-0543

CVE-2005-0543 = cross-site scripting in phpMyAdmin 2.6.1. Vulnerable via parameters in select_server.lib.php (strServer, cfg[BgcolorOne], strServerChoice), display_tbl_links.lib.php (bg_color, row_no), left_font_family/theme_left.css.php, and right_font_family/theme_right.css.php. Causes remote H...

CVE-2005-0544

phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to 1 sqlvalidator.lib.php, 2 sqlparser.lib.php, 3 selecttheme.lib.php, 4 selectlang.lib.php, 5 relationcleanup.lib.php, 6 headermetastyle.inc.php, 7 getforeign.lib.php, 8 displaytbllinks.lib.php, 9...

CVE-2005-0544

phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to 1 sqlvalidator.lib.php, 2 sqlparser.lib.php, 3 selecttheme.lib.php, 4 selectlang.lib.php, 5 relationcleanup.lib.php, 6 headermetastyle.inc.php, 7 getforeign.lib.php, 8 displaytbllinks.lib.php, 9...

CVE-2005-0543

Cross-site scripting XSS vulnerability in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary HTML and web script via 1 the strServer, cfgBgcolorOne, or strServerChoice parameters in selectserver.lib.php, 2 the bgcolor or rowno parameters in displaytbllinks.lib.php, the leftfontfamily...

CVE-2005-0543

Cross-site scripting XSS vulnerability in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary HTML and web script via 1 the strServer, cfgBgcolorOne, or strServerChoice parameters in selectserver.lib.php, 2 the bgcolor or rowno parameters in displaytbllinks.lib.php, the leftfontfamily...

CVE-2005-0544

CVE-2005-0544 concerns phpMyAdmin 2.6.1. The affected component is phpMyAdmin’s web interface, where direct requests to 15 internal library/ini files (e.g., sqlvalidator.lib.php, select_lang.lib.php, setup.php, cookie.auth.lib.php, etc.) can trigger error messages that leak the server’s full path...

CVE-2005-0543

Cross-site scripting XSS vulnerability in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary HTML and web script via 1 the strServer, cfgBgcolorOne, or strServerChoice parameters in selectserver.lib.php, 2 the bgcolor or rowno parameters in displaytbllinks.lib.php, the leftfontfamily...

DEBIAN-CVE-2005-0543

Cross-site scripting XSS vulnerability in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary HTML and web script via 1 the strServer, cfgBgcolorOne, or strServerChoice parameters in selectserver.lib.php, 2 the bgcolor or rowno parameters in displaytbllinks.lib.php, the leftfontfamily...

CVE-2005-0543

Cross-site scripting XSS vulnerability in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary HTML and web script via 1 the strServer, cfgBgcolorOne, or strServerChoice parameters in selectserver.lib.php, 2 the bgcolor or rowno parameters in displaytbllinks.lib.php, the leftfontfamily...

phpMyAdmin 2.6 - &#039;display_tbl_links.lib.php&#039; Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/12644/info Multiple remote cross-site scripting vulnerabilities affect phpMyAdmin. These issues are due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web content. An attacker may...

phpMyAdmin 2.6 - display_tbl_links.lib.php Multiple Cross-Site Scripting Vulnerabilities

phpMyAdmin 2.6 - displaytbllinks.lib.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/12644/info Multiple remote cross-site scripting vulnerabilities affect phpMyAdmin. These issues are due to a failure of the application to properly sanitize user-suppli...

phpMyAdmin 2.6 - select_server.lib.php Multiple Cross-Site Scripting Vulnerabilities

phpMyAdmin 2.6 - selectserver.lib.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/12644/info Multiple remote cross-site scripting vulnerabilities affect phpMyAdmin. These issues are due to a failure of the application to properly sanitize user-supplied...

[SA14382] phpMyAdmin Local File Inclusion and Cross-Site Scripting

TITLE: phpMyAdmin Local File Inclusion and Cross-Site Scripting SECUNIA ADVISORY ID: SA14382 VERIFY ADVISORY: http://secunia.com/advisories/14382/ CRITICAL: Moderately critical IMPACT: Cross Site Scripting, Exposure of sensitive information WHERE: From remote SOFTWARE: phpMyAdmin 2.x...

phpMyAdmin 2.6 - Multiple Local File Inclusions

phpMyAdmin 2.6 - Multiple Local File Inclusions source: https://www.securityfocus.com/bid/12645/info phpMyAdmin is affected by multiple local file include vulnerabilities. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it in a PHP...

phpMyAdmin 2.6 - theme_left.css.php Multiple Cross-Site Scripting Vulnerabilities

phpMyAdmin 2.6 - themeleft.css.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/12644/info Multiple remote cross-site scripting vulnerabilities affect phpMyAdmin. These issues are due to a failure of the application to properly sanitize user-supplied inp...

phpMyAdmin 2.6 - &#039;select_server.lib.php&#039; Multiple Cross-Site Scripting Vulnerabilities

source: https://www.securityfocus.com/bid/12644/info Multiple remote cross-site scripting vulnerabilities affect phpMyAdmin. These issues are due to a failure of the application to properly sanitize user-supplied input prior to including it in dynamically generated Web content. An attacker may...