69 matches found
Design/Logic Flaw
sqlparse is a non-validating SQL parser module for Python. In sqlparse versions 0.4.0 and 0.4.1 there is a regular Expression Denial of Service in sqlparse vulnerability. The regular expression may cause exponential backtracking on strings containing many repetitions of '\r\n' in SQL comments. On...
CVE-2021-32839
CVE-2021-32839 affects the Python package sqlparse . The vulnerability is a ReDoS in the StripComments regex used by the formatting path for removing comments, causing exponential backtracking on strings containing many repetitions of '\r\n' in SQL comments in versions 0.4.0 and 0.4.1. The issue ...
Unauthorized Access Vulnerability in Alibaba Druid Monitor
Druid is a JDBC component library , including database connection pools , SQL Parser and other components . An unauthorized access vulnerability exists in Alibaba Druid Monitor, which can be exploited by an attacker to obtain sensitive information...
Security update for phpMyAdmin (moderate)
openSUSE Security Update: Security update for phpMyAdmin Announcement ID: openSUSE-SU-2019:1689-1 Rating: moderate References: 1137496 1137497 Cross-References: CVE-2019-11768 CVE-2019-12616 Affected Products: openSUSE Leap 42.3 openSUSE Leap 15.1 openSUSE Leap 15.0 openSUSE Backports SLE-15 SUSE...
Fedora Update for php-phpmyadmin-sql-parser FEDORA-2019-33649e2e64
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 30 : php-phpmyadmin-sql-parser / phpMyAdmin (2019-13d2ba0aed)
Upstream announcement : Welcome to phpMyAdmin 4.9.0.1, a bugfix release that includes important security fixes. This release fixes two security vulnerabilities : - PMASA-2019-3 is a SQL injection flaw in the Designer feature - PMASA-2019-4 is a CSRF attack that's possible through the 'cookie' log...
Fedora Update for php-phpmyadmin-sql-parser FEDORA-2019-13d2ba0aed
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora Update for php-phpmyadmin-sql-parser FEDORA-2018-147d33439c
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 26 Update: php-phpmyadmin-sql-parser-4.2.4-3.fc26
A validating SQL lexer and parser with a focus on MySQL dialect. This library was originally developed for phpMyAdmin during the Google Summer of Code 2015. Autoloader: /usr/share/php/PhpMyAdmin/SqlParser/autoload.php...
Fedora Update for php-phpmyadmin-sql-parser FEDORA-2018-a1650ed14f
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
phpMyAdmin Multiple Vulnerabilities -01 (May 2016) - Linux
phpMyAdmin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:phpmyadmin:phpmyadmin";...
Fedora Update for php-udan11-sql-parser FEDORA-2016-02
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 22 : php-udan11-sql-parser-3.4.0-1.fc22 / phpMyAdmin-4.5.5.1-1.fc22 (2016-02ee5b4002)
phpMyAdmin 4.5.5.1 2016-02-29 =============================== This release fixes multiple XSS vulnerabilities, please see PMASA-2016-10, PMASA-2016-11, and PMASA-2016-12 for details; additionally it fixes a vulnerability allowing man- in-the-middle attack on an API call to GitHub, see PMASA-2016-...
Fedora 23 : php-udan11-sql-parser-3.4.0-1.fc23 / phpMyAdmin-4.5.5.1-1.fc23 (2016-65da02b95c)
phpMyAdmin 4.5.5.1 2016-02-29 =============================== This release fixes multiple XSS vulnerabilities, please see PMASA-2016-10, PMASA-2016-11, and PMASA-2016-12 for details; additionally it fixes a vulnerability allowing man- in-the-middle attack on an API call to GitHub, see PMASA-2016-...
Fedora Update for php-udan11-sql-parser FEDORA-2016-65
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 21 : php-udan11-sql-parser-3.0.4-1.fc21 / phpMyAdmin-4.5.1-1.fc21 (2015-5c06260c4b)
phpMyAdmin 4.5.1.0 2015-10-23 =============================== - Invalid argument supplied for foreach - arraykeyexists expects parameter 2 to be array - Notice Undefined index: dropdatabase - Server variable edition in ANSIQUOTES sqlmode: losing current value - Propose table structure broken -...
phpMyAdmin SQL Parser Cross-Site Scripting Vulnerability
phpMyAdmin is a free, web-based MySQL database management tool developed by the phpMyAdmin team. The tool is capable of creating and deleting databases, creating, deleting, and modifying database tables, executing SQL script commands, and more. A cross-site scripting vulnerability exists in the S...
CVE-2016-2559
Cross-site scripting XSS vulnerability in the format function in libraries/sql-parser/src/Utils/Error.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted query...
CVE-2016-2559
Cross-site scripting XSS vulnerability in the format function in libraries/sql-parser/src/Utils/Error.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted query...
UBUNTU-CVE-2016-2559
Cross-site scripting XSS vulnerability in the format function in libraries/sql-parser/src/Utils/Error.php in the SQL parser in phpMyAdmin 4.5.x before 4.5.5.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted query...