40 matches found
EUVD-2011-2697
Malware in sbrugna...
phpMyAdmin remote variable manipulation
libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns values to arbitrary parameters referenced in the query string, which allows remote attackers to modify the SESSION superglobal array via a crafted...
GHSA-VQCM-R62W-W437 phpMyAdmin remote variable manipulation
libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns values to arbitrary parameters referenced in the query string, which allows remote attackers to modify the SESSION superglobal array via a crafted...
phpMyAdmin 3.x < 3.3.10.3, 3.4.x < 3.4.3.2 Multiple Vulnerabilities (PMASA-2011-9, PMASA-2011-12) - Linux
phpMyAdmin is prone to multiple vulnerabilities: a cross-site scripting (XSS) vulnerability in table Print view, and possible superglobal and local variables manipulation in Swekey authentication.
VulnCheck KEV: CVE-2011-2505
libraries/auth/swekey/swekey.auth.lib.php in the Swekey authentication feature in phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1 assigns values to arbitrary parameters referenced in the query string, which allows remote attackers to modify the SESSION superglobal array via a crafted...
phpMyAdmin 3.3.x / 3.4.x < 3.3.10.2 / 3.4.3.1 Multiple Vulnerabilities (PMASA-2011-5 - PMASA-2011-8)
The remote host contains a version of phpMyAdmin - 3.3.x less than 3.3.10.2 or 3.4.x less than 3.4.3.1 - that is affected by multiple vulnerabilities: - An error in the file 'libraries/auth/swekey/swekey.auth.lib.php' allows an attacker to modify the 'SESSION' superglobal array. CVE-2011-2505 - ...
phpMyAdmin 3.x Swekey remote code injection vulnerability and fix - vulnerability warning - the black bar safety net
? php echo phpsapiname!==' cli'?'& lt;/pre':"; ifphpsapiname==='cli' if! isset$argv1 output" Usage\n ".$ argv0." "; killme; $pmaurl = $argv1; else $pmaurl = isset$REQUEST'url'?$ REQUEST'url':"; $code = 'foreach$GET as $k=$vif$k==="eval"eval$v;'; $cookie = null; $token = null; if!...
Mandriva Update for phpmyadmin MDVSA-2011:124 (phpmyadmin)
Check for the version of phpmyadmin.
CVE-2011-2719
libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain...
CVE-2011-2719
libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain...
DEBIAN-CVE-2011-2719
libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain...
CVE-2011-2719
libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain...
Sql injection
libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain...
CVE-2011-2719
libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain...
CVE-2011-2719
CVE-2011-2719 affects phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2. The vulnerability arises from improper handling of sessions associated with Swekey authentication in libraries/auth/swekey/swekey.auth.lib.php, enabling remote attackers to modify the SESSION superglobal (and other rel...
CVE-2011-2719
libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain...
[SECURITY] [DSA 2286-1] phpmyadmin security update
Debian Security Advisory DSA-2286-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst July 26, 2011 http://www.debian.org/security/faq ...
PT-2011-4041 · Phpmyadmin · Phpmyadmin
Name of the Vulnerable Software and Affected Versions: phpMyAdmin versions 3.x prior to 3.3.10.3 phpMyAdmin versions 3.4.x prior to 3.4.3.2 Description: The issue is related to the management of sessions associated with Swekey authentication in the phpMyAdmin software. This allows remote attacker...
[SECURITY] [DSA 2286-1] phpmyadmin security update
Debian Security Advisory DSA-2286-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst July 26, 2011 http://www.debian.org/security/faq ...
FreeBSD : phpmyadmin -- multiple vulnerabilities (d79fc873-b5f9-11e0-89b4-001ec9578670)
The phpMyAdmin development team reports: XSS in table Print view. Via a crafted MIME-type transformation parameter, an attacker can perform a local file inclusion. In the 'relational schema' code a parameter was not sanitized before being used to concatenate a class name. The end result is a loc...