228 matches found
glibc/iconv Vulnerability (CVE-2024-2961)
PMASA-2025-3 Announcement-ID: PMASA-2025-3 Date: 2025-01-21 Summary glibc/iconv Vulnerability CVE-2024-2961 Description There was a vulnerability found in glibc/iconv that could potentially affect phpMyAdmin under specific circumstances. By default, phpMyAdmin is not vulnerable, but since we use...
XSS when checking tables
PMASA-2025-1 Announcement-ID: PMASA-2025-1 Date: 2025-01-20 Updated: 2025-01-23 Summary XSS when checking tables Description An XSS vulnerability has been discovered with the phpMyAdmin "Check tables" feature. A specially–crafted table or database name could be used to trigger an XSS attack...
XSS on Insert page
PMASA-2025-2 Announcement-ID: PMASA-2025-2 Date: 2025-01-20 Updated: 2025-01-23 Summary XSS on Insert page Description An XSS vulnerability has been discovered with the phpMyAdmin "Insert" tab. Severity We consider this vulnerability to be of moderate severity. Affected Versions phpMyAdmin versio...
XSS vulnerability in drag-and-drop upload
PMASA-2023-1 Announcement-ID: PMASA-2023-1 Date: 2023-02-07 Summary XSS vulnerability in drag-and-drop upload Description An XSS vulnerability has been discovered where an authenticated user can trigger an XSS attack by uploading a specially-crafted .sql file through the drag-and-drop interface...
Multiple XSS and HTML injection attacks in setup script
PMASA-2022-2 Announcement-ID: PMASA-2022-2 Date: 2022-01-10 Summary Multiple XSS and HTML injection attacks in setup script Description A series of weaknesses has been discovered that could allow an attacker to inject malicious code in to aspects of the setup script, which can allow XSS or HTML...
Two factor authentication bypass
PMASA-2022-1 Announcement-ID: PMASA-2022-1 Date: 2022-01-10 Summary Two factor authentication bypass Description There is a sequence of actions a valid user can take that will allow them to bypass two factor authentication for that account. A user must first connect to phpMyAdmin presumably using...
SQL injection vulnerability in SearchController
PMASA-2020-6 Announcement-ID: PMASA-2020-6 Date: 2020-10-10 Summary SQL injection vulnerability in SearchController Description An SQL injection vulnerability was discovered in how phpMyAdmin processes SQL statements in the search feature. An attacker could use this flaw to inject malicious SQL i...
XSS relating to the transformation feature
PMASA-2020-5 Announcement-ID: PMASA-2020-5 Date: 2020-10-10 Summary XSS relating to the transformation feature Description A vulnerability was discovered where an attacker can cause an XSS attack through the transformation feature. If an attacker sends a crafted link to the victim with the...
SQL injection with processing username
PMASA-2020-2 Announcement-ID: PMASA-2020-2 Date: 2020-03-20 Updated: 2020-03-22 Summary SQL injection with processing username Description An SQL injection vulnerability was found in how phpMyAdmin retrieves the current username. A malicious user with access to the server could create a...
SQL injection relating to data display
PMASA-2020-4 Announcement-ID: PMASA-2020-4 Date: 2020-03-20 Updated: 2020-03-22 Summary SQL injection relating to data display Description An SQL injection vulnerability was discovered where malicious code could be used to trigger an XSS attack through retrieving and displaying results. The attac...
SQL injection relating to searching
PMASA-2020-3 Announcement-ID: PMASA-2020-3 Date: 2020-03-20 Updated: 2020-03-22 Summary SQL injection relating to searching Description An SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions within...
SQL injection in user accounts page
PMASA-2020-1 Announcement-ID: PMASA-2020-1 Date: 2020-01-05 Summary SQL injection in user accounts page Description A SQL injection flaw has been discovered in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An...
SQL injection in Designer feature
PMASA-2019-5 Announcement-ID: PMASA-2019-5 Date: 2019-10-28 Summary SQL injection in Designer feature Description A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature. This is similar to PMASA-2019-2 and...
CSRF vulnerability in login form
PMASA-2019-4 Announcement-ID: PMASA-2019-4 Date: 2019-06-04 Summary CSRF vulnerability in login form Description A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken tag pointing at the...
SQL injection in Designer feature
PMASA-2019-3 Announcement-ID: PMASA-2019-3 Date: 2019-05-06 Summary SQL injection in Designer feature Description A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature. Severity We consider this vulnerabili...
SQL injection in Designer feature
PMASA-2019-2 Announcement-ID: PMASA-2019-2 Date: 2019-01-22 Summary SQL injection in Designer feature Description A vulnerability was reported where a specially crafted username can be used to trigger an SQL injection attack through the designer feature. Severity We consider this vulnerability to...
Arbitrary file read vulnerability
PMASA-2019-1 Announcement-ID: PMASA-2019-1 Date: 2019-01-21 Summary Arbitrary file read vulnerability Description When AllowArbitraryServer configuration set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. phpMyadmi...
XSRF/CSRF vulnerability in phpMyAdmin
PMASA-2018-7 Announcement-ID: PMASA-2018-7 Date: 2018-12-07 Summary XSRF/CSRF vulnerability in phpMyAdmin Description By deceiving a user to click on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new tables/routines, deleting designer pages,...
XSS vulnerability in navigation tree
PMASA-2018-8 Announcement-ID: PMASA-2018-8 Date: 2018-12-07 Summary XSS vulnerability in navigation tree Description A Cross-Site Scripting vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a specially-crafted database/table name. Severity W...
Local file inclusion through transformation feature
PMASA-2018-6 Announcement-ID: PMASA-2018-6 Date: 2018-12-07 Summary Local file inclusion through transformation feature Description A flaw has been found where an attacker can exploit phpMyAdmin to leak the contents of a local file. The attacker must have access to the phpMyAdmin Configuration...
XSS in the import dialog
PMASA-2018-5 Announcement-ID: PMASA-2018-5 Date: 2018-08-21 Summary XSS in the import dialog Description A Cross-Site Scripting vulnerability was found in the file import feature, where an attacker can deliver a payload to a user through importing a specially-crafted file. Severity We consider th...
File inclusion and remote code execution attack
PMASA-2018-4 Announcement-ID: PMASA-2018-4 Date: 2018-06-19 Updated: 2018-06-21 Summary File inclusion and remote code execution attack Description A flaw has been discovered where an attacker can include view and potentially execute files on the server. The vulnerability comes from a portion of...
XSS in Designer feature
PMASA-2018-3 Announcement-ID: PMASA-2018-3 Date: 2018-06-19 Updated: 2018-06-21 Summary XSS in Designer feature Description A Cross-Site Scripting vulnerability was found in the Designer feature, where an attacker can deliver a payload to a user through a specially-crafted database name. Severity...
CSRF vulnerability allowing arbitrary SQL execution
PMASA-2018-2 Announcement-ID: PMASA-2018-2 Date: 2018-04-17 Summary CSRF vulnerability allowing arbitrary SQL execution Description By deceiving a user to click on a crafted URL, it is possible for an attacker to execute arbitrary SQL commands. Severity We consider this vulnerability to be...
Self XSS in central columns feature
PMASA-2018-1 Announcement-ID: PMASA-2018-1 Date: 2018-02-20 Summary Self XSS in central columns feature Description A self-cross site scripting XSS vulnerability has been reported relating to the central columns feature. Severity We consider this vulnerability to be of moderate severity. Mitigati...
XSRF/CSRF vulnerability in phpMyAdmin
PMASA-2017-9 Announcement-ID: PMASA-2017-9 Date: 2017-12-20 Updated: 2018-01-03 Summary XSRF/CSRF vulnerability in phpMyAdmin Description By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc...
Bypass $cfg['Servers'][$i]['AllowNoPassword']
PMASA-2017-8 Announcement-ID: PMASA-2017-8 Date: 2017-03-28 Updated: 2018-05-01 Summary Bypass $cfg'Servers'$i'AllowNoPassword' Description A vulnerability was discovered where the restrictions caused by $cfg'Servers'$i'AllowNoPassword' = false are bypassed under certain PHP versions. This can...
Open redirect
PMASA-2017-1 Announcement-ID: PMASA-2017-1 Date: 2017-01-24 Summary Open redirect Description It was possible to trick phpMyAdmin to redirect to insecure using special request path. Severity We consider this vulnerability to be non critical. Affected Versions All 4.6.x versions prior to 4.6.6,...
DOS in replication status
PMASA-2017-7 Announcement-ID: PMASA-2017-7 Date: 2017-01-24 Summary DOS in replication status Description It was possible to trigger DOS in replication status by specially crafted table name. Severity We consider this to be non critical. Affected Versions All 4.6.x versions prior to 4.6.6, 4.4.x...
Multiple vulnerabilities in setup script
PMASA-2016-44 Announcement-ID: PMASA-2016-44 Date: 2017-01-24 Summary Multiple vulnerabilities in setup script Description A server-side request forgery vulnerability was reported with the setup script. This flaw can allow an unauthenticated attacker to: 1. brute-force passwords of MYSQL servers...
CSS injection in themes
PMASA-2017-4 Announcement-ID: PMASA-2017-4 Date: 2017-01-24 Summary CSS injection in themes Description It was possible to cause CSS injection in themes by crafted cookie parameters. Severity We consider this to be non critical. Affected Versions All 4.6.x versions prior to 4.6.6, 4.4.x versions...
php-gettext code execution
PMASA-2017-2 Announcement-ID: PMASA-2017-2 Date: 2017-01-24 Summary php-gettext code execution Description The php-gettext library can suffer from a code execution vulnerability. However, there is no way to trigger this inside phpMyAdmin. Severity We consider this to be minor. Affected Versions...
SSRF in replication
PMASA-2017-6 Announcement-ID: PMASA-2017-6 Date: 2017-01-24 Summary SSRF in replication Description For a user with appropriate MySQL privileges it was possible to connect to arbitrary host. Severity We consider this to be non-critical. Mitigation factor The vulnerability is exposed only to MySQL...
Cookie attribute injection attack
PMASA-2017-5 Announcement-ID: PMASA-2017-5 Date: 2017-01-24 Summary Cookie attribute injection attack Description A vulnerability was found where, under some circumstances, an attacker can inject arbitrary values in the browser cookies. This was incompletely fixed in PMASA-2016-18. Severity We...
DOS vulnerabiltiy in table editing
PMASA-2017-3 Announcement-ID: PMASA-2017-3 Date: 2017-01-24 Summary DOS vulnerabiltiy in table editing Description It was possible to trigger recursive include operation by crafter parameters when editing table data. Severity We consider this to be non critical. Mitigation factor Do not click on...
Multiple DOS vulnerabilities
PMASA-2016-65 Announcement-ID: PMASA-2016-65 Date: 2016-11-25 Updated: 2016-12-06 Summary Multiple DOS vulnerabilities Description With a crafted request parameter value it is possible to initiate a denial of service attack in saved searches feature. With a crafted request parameter value it is...
CSRF token not stripped from the URL
PMASA-2016-71 Announcement-ID: PMASA-2016-71 Date: 2016-11-25 Updated: 2016-12-06 Summary CSRF token not stripped from the URL Description When the argseparator is different from its default value of &, the token was not properly stripped from the return URL of the preference import action...
Username rule matching issues
PMASA-2016-61 Announcement-ID: PMASA-2016-61 Date: 2016-11-25 Updated: 2016-12-06 Summary Username rule matching issues Description A vulnerability in username matching for the allow/deny rules may result in wrong matches and detection of the username in the rule due to non-constant execution tim...
Multiple SQL injection vulnerabilities
PMASA-2016-69 Announcement-ID: PMASA-2016-69 Date: 2016-11-25 Updated: 2016-12-06 Summary Multiple SQL injection vulnerabilities Description With a crafted username or a table name, it was possible to inject SQL statements in the tracking functionality that would run with the privileges of the...
Bypass logout timeout
PMASA-2016-62 Announcement-ID: PMASA-2016-62 Date: 2016-11-25 Updated: 2016-12-06 Summary Bypass logout timeout Description With a crafted request parameter value it is possible to bypass the logout timeout. Severity We consider this vulnerability to be of moderate severity. Affected Versions All...
Multiple XSS vulnerabilities
PMASA-2016-64 Announcement-ID: PMASA-2016-64 Date: 2016-11-25 Updated: 2016-12-06 Summary Multiple XSS vulnerabilities Description Several XSS vulnerabilities have been reported, including an improper fix for PMASA-2016-10 and a weakness in a regular expression using in some JavaScript processing...
BBCode injection vulnerability
PMASA-2016-67 Announcement-ID: PMASA-2016-67 Date: 2016-11-25 Updated: 2016-12-06 Summary BBCode injection vulnerability Description With a crafted login request it is possible to inject BBCode in the login page. Severity We consider this vulnerability to be severe. Mitigation factor This exploit...
phpinfo information leak value of sensitive (HttpOnly) cookies
PMASA-2016-59 Announcement-ID: PMASA-2016-59 Date: 2016-11-25 Updated: 2016-12-06 Summary phpinfo information leak value of sensitive HttpOnly cookies Description phpinfo phpinfo.php shows PHP information including values of HttpOnly cookies. Severity We consider this vulnerability to be...
Incorrect serialized string parsing
PMASA-2016-70 Announcement-ID: PMASA-2016-70 Date: 2016-11-25 Updated: 2016-12-06 Summary Incorrect serialized string parsing Description Due to a bug in serialized string parsing, it was possible to bypass the protection offered by PMAsafeUnserialize function. Severity We consider this...
Multiple full path disclosure vulnerabilities
PMASA-2016-63 Announcement-ID: PMASA-2016-63 Date: 2016-11-25 Updated: 2016-12-06 Summary Multiple full path disclosure vulnerabilities Description By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which...
Bypass white-list protection for URL redirection
PMASA-2016-66 Announcement-ID: PMASA-2016-66 Date: 2016-11-25 Updated: 2016-12-06 Summary Bypass white-list protection for URL redirection Description Due to the limitation in URL matching, it was possible to bypass the URL white-list protection. Severity We consider this vulnerability to be of...
Open redirection
PMASA-2016-57 Announcement-ID: PMASA-2016-57 Date: 2016-11-25 Summary Open redirection Description A vulnerability was discovered where a user can be tricked in to following a link leading to phpMyAdmin, which after authentication redirects to another malicious site. The attacker must sniff the...
DOS vulnerability in table partitioning
PMASA-2016-68 Announcement-ID: PMASA-2016-68 Date: 2016-11-25 Updated: 2016-12-06 Summary DOS vulnerability in table partitioning Description With a very large request to table partitioning function, it is possible to invoke a Denial of Service DOS attack. Severity We consider this vulnerability ...
Username deny rules bypass (AllowRoot & Others) by using Null Byte
PMASA-2016-60 Announcement-ID: PMASA-2016-60 Date: 2016-11-25 Updated: 2016-12-06 Summary Username deny rules bypass AllowRoot & Others by using Null Byte Description It is possible to bypass AllowRoot restriction $cfg'Servers'$i'AllowRoot' and deny rules for username by using Null Byte in the...
Unsafe generation of blowfish secret
PMASA-2016-58 Announcement-ID: PMASA-2016-58 Date: 2016-11-25 Updated: 2016-12-06 Summary Unsafe generation of blowfish secret Description When the user does not specify a blowfishsecret key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way th...