14 matches found
EUVD-2010-2794
Malware in sbrugna...
EUVD-2014-4872
Malware in sbrugna...
SUSE CVE-2014-4955
Cross-site scripting XSS vulnerability in the PMATRIgetRowForList function in libraries/rte/rtelist.lib.php in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted trigger name that i...
GHSA-Q7V2-W38R-PV7V phpMyAdmin Multiple XSS Vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.2.2 allow remote authenticated users to inject arbitrary web script or HTML via a Table Operations 1 TRUNCATE or 2 DROP link for a crafted table name, 3 the Add Trigger popup within a Triggers page that references...
HackerOne: Reflected File Download
Info: Reflected File Download is a new web attack vector. It allows an attacker to craft a malicious file and present it to a victim, but there is no file present at the server. It was recently published at the BlackHat Eupore 2014 by Oren Hafif. Link to his presentation is given at the end...
CVE-2014-4955
Cross-site scripting XSS vulnerability in the PMATRIgetRowForList function in libraries/rte/rtelist.lib.php in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted trigger name that i...
DEBIAN-CVE-2014-4955
Cross-site scripting XSS vulnerability in the PMATRIgetRowForList function in libraries/rte/rtelist.lib.php in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted trigger name that i...
UBUNTU-CVE-2014-4955
Cross-site scripting XSS vulnerability in the PMATRIgetRowForList function in libraries/rte/rtelist.lib.php in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted trigger name that i...
CVE-2014-4955
Cross-site scripting XSS vulnerability in the PMATRIgetRowForList function in libraries/rte/rtelist.lib.php in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted trigger name that i...
CVE-2014-4955
Cross-site scripting XSS vulnerability in the PMATRIgetRowForList function in libraries/rte/rtelist.lib.php in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allows remote authenticated users to inject arbitrary web script or HTML via a crafted trigger name that i...
CVE-2012-4579
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.2.2 allow remote authenticated users to inject arbitrary web script or HTML via a Table Operations 1 TRUNCATE or 2 DROP link for a crafted table name, 3 the Add Trigger popup within a Triggers page that references...
CVE-2012-4579
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 3.5.x before 3.5.2.2 allow remote authenticated users to inject arbitrary web script or HTML via a Table Operations 1 TRUNCATE or 2 DROP link for a crafted table name, 3 the Add Trigger popup within a Triggers page that references...
DEBIAN-CVE-2010-2790
Multiple cross-site scripting XSS vulnerabilities in the formatQuery function in frontends/php/include/classes/class.curl.php in Zabbix before 1.8.3rc1 allow remote attackers to inject arbitrary web script or HTML via the 1 filterset, 2 showdetails, 3 filterrst, or 4 txtselect parameters to the...
CVE-2010-2790
Multiple cross-site scripting XSS vulnerabilities in the formatQuery function in frontends/php/include/classes/class.curl.php in Zabbix before 1.8.3rc1 allow remote attackers to inject arbitrary web script or HTML via the 1 filterset, 2 showdetails, 3 filterrst, or 4 txtselect parameters to the...