8 matches found
SUSE CVE-2005-3301
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.6.4-pl3 allow remote attackers to inject arbitrary web script or HTML via certain arguments to 1 left.php, 2 queryframe.php, or 3 serverdatabases.php...
phpMyAdmin 'server_databases.php' RCE Vulnerability
phpMyAdmin is prone to a remote command execution RCE vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Design/Logic Flaw
libraries/databaseinterface.lib.php in phpMyAdmin before 2.11.9.1 allows remote authenticated users to execute arbitrary code via a request to serverdatabases.php with a sortby parameter containing PHP sequences, which are processed by createfunction...
phpMyAdmin 'server_databases.php'远程命令执行漏洞
BUGTRAQ ID: 31188 CNCAN ID:CNCAN-2008091608 phpMyAdmin是一款基于WEB的管理MySQL的应用程序。 phpMyAdmin 'serverdatabases.php'不正确处理用户提交的输入,登录phpMyAdmin的攻击者可以利用漏洞以应用程序权限执行任意代码。 如果PHP配置允许类似exec的命令,利用serverdatabases.php脚本可使登录phpMyAdmin的用户执行任意SHELL代码。 phpMyAdmin phpMyAdmin 2.11.9 phpMyAdmin phpMyAdmin 2.11.8 phpMyAdm...
phpmyadmin -- Code execution vulnerability
A phpMyAdmin security announcement: The serverdatabases.php script was vulnerable to an attack coming from a user who is already logged-on to phpMyAdmin, where he can execute shell code if the PHP configuration permits commands like exec...
Code execution vulnerability
PMASA-2008-7 Announcement-ID: PMASA-2008-7 Date: 2008-09-15 Updated: 2008-09-17 Summary Code execution vulnerability Description We received an advisory from Norman Hippert and we wish to thank him for his work. The serverdatabases.php script was vulnerable to an attack coming from a user who is...
CVE-2005-3301
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.6.4-pl3 allow remote attackers to inject arbitrary web script or HTML via certain arguments to 1 left.php, 2 queryframe.php, or 3 serverdatabases.php...
CVE-2005-3301
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin before 2.6.4-pl3 allow remote attackers to inject arbitrary web script or HTML via certain arguments to 1 left.php, 2 queryframe.php, or 3 serverdatabases.php...