phpMyAdmin <= 3.0.1 'pmd_pdf.php' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/31928/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the browser of a...

CVE-2013-5003

Multiple SQL injection vulnerabilities in phpMyAdmin 3.5.x before 3.5.8.2 and 4.0.x before 4.0.4.2 allow remote authenticated users to execute arbitrary SQL commands via 1 the scale parameter to pmdpdf.php or 2 the pdfpagenumber parameter to schemaexport.php...

Updated phpmyadmin packages fix security vulnerabilities

Using a crafted SQL query, it was possible to produce an XSS on the SQL query form PMASA-2013-8CVE-2013-4995. In the setup/index.php, using a crafted hash with a Javascript event, untrusted JS code could be executed. In the Display chart view, a chart title containing HTML code was rendered...

DEBIAN-CVE-2008-4775

Cross-site scripting XSS vulnerability in pmdpdf.php in phpMyAdmin 3.0.0, and possibly other versions including 2.11.9.2 and 3.0.1, when registerglobals is enabled, allows remote attackers to inject arbitrary web script or HTML via the db parameter, a different vector than CVE-2006-6942 and...

phpMyAdmin 'pmd_pdf.php'跨站脚本漏洞

BUGTRAQ ID: 31928 CNCAN ID：CNCAN-2008102804 phpMyAdmin是一款基于WEB的MySQL管理程序。 phpMyAdmin 'pmdpdf.php'不正确处理用户输入，远程攻击者可以利用漏洞进行跨站脚本攻击，获得敏感信息。 'pmdpdf.php'脚本不正确处理用户提交给'db'参数的数据，提交恶意脚本代码作为参数，并诱使用户访问，可导致获得目标用户敏感信息。 phpMyAdmin 3.0.1 phpMyAdmin 3.0 目前没有解决方案提供： http://www.phpmyadmin.net/...