228 matches found
Possible session manipulation in Swekey authentication.
PMASA-2011-5 Announcement-ID: PMASA-2011-5 Date: 2011-07-02 Updated: 2011-07-03 Summary Possible session manipulation in Swekey authentication. Description It was possible to manipulate the PHP session superglobal using some of the Swekey authentication code. This could open a path for other...
Local file inclusion through transformation feature
PMASA-2018-6 Announcement-ID: PMASA-2018-6 Date: 2018-12-07 Summary Local file inclusion through transformation feature Description A flaw has been found where an attacker can exploit phpMyAdmin to leak the contents of a local file. The attacker must have access to the phpMyAdmin Configuration...
Open redirect
PMASA-2017-1 Announcement-ID: PMASA-2017-1 Date: 2017-01-24 Summary Open redirect Description It was possible to trick phpMyAdmin to redirect to insecure using special request path. Severity We consider this vulnerability to be non critical. Affected Versions All 4.6.x versions prior to 4.6.6,...
Username rule matching issues
PMASA-2016-61 Announcement-ID: PMASA-2016-61 Date: 2016-11-25 Updated: 2016-12-06 Summary Username rule matching issues Description A vulnerability in username matching for the allow/deny rules may result in wrong matches and detection of the username in the rule due to non-constant execution tim...
Multiple XSS vulnerabilities
PMASA-2016-31 Announcement-ID: PMASA-2016-31 Date: 2016-07-11 Summary Multiple XSS vulnerabilities Description XSS vulnerabilities were discovered in: The database privilege check The "Remove partitioning" functionality Specially crafted database names can trigger the XSS attack. Severity We...
Multiple SQL injection vulnerabilities
PMASA-2016-69 Announcement-ID: PMASA-2016-69 Date: 2016-11-25 Updated: 2016-12-06 Summary Multiple SQL injection vulnerabilities Description With a crafted username or a table name, it was possible to inject SQL statements in the tracking functionality that would run with the privileges of the...
Denial of service (DOS) attack in transformation feature
PMASA-2016-41 Announcement-ID: PMASA-2016-41 Date: 2016-07-14 Summary Denial of service DOS attack in transformation feature Description A vulnerability was found in the transformation feature allowing a user to trigger a denial-of-service DOS attack against the server. Severity We consider this...
Multiple XSS vulnerabilities
PMASA-2016-38 Announcement-ID: PMASA-2016-38 Date: 2016-07-13 Summary Multiple XSS vulnerabilities Description Multiple XSS vulnerabilities were found in the following areas: Navigation pane and database/table hiding feature. A specially-crafted database name can be used to trigger an XSS attack...
Full path disclosure vulnerability in SQL parser.
PMASA-2016-8 Announcement-ID: PMASA-2016-8 Date: 2016-01-24 Summary Full path disclosure vulnerability in SQL parser. Description By calling a particular script that is part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the...
Multiple full path disclosure vulnerabilities.
PMASA-2016-1 Announcement-ID: PMASA-2016-1 Date: 2016-01-23 Summary Multiple full path disclosure vulnerabilities. Description By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path...
HTTP Response Splitting and file inclusion vulnerability.
PMASA-2009-1 Announcement-ID: PMASA-2009-1 Date: 2009-03-24 Summary HTTP Response Splitting and file inclusion vulnerability. Description The BLOB streaming feature allowed attacker to include arbitrary files and inject HTTP headers using crafted URL parameters. Severity We consider this...
Two factor authentication bypass
PMASA-2022-1 Announcement-ID: PMASA-2022-1 Date: 2022-01-10 Summary Two factor authentication bypass Description There is a sequence of actions a valid user can take that will allow them to bypass two factor authentication for that account. A user must first connect to phpMyAdmin presumably using...
Several XSS vulnerabilities were found in the code.
PMASA-2010-5 Announcement-ID: PMASA-2010-5 Date: 2010-08-20 Summary Several XSS vulnerabilities were found in the code. Description It was possible to conduct a XSS attack using crafted URLs or POST parameters on several pages. Severity We consider this vulnerability to be serious. Mitigation...
Code execution vulnerability
PMASA-2008-7 Announcement-ID: PMASA-2008-7 Date: 2008-09-15 Updated: 2008-09-17 Summary Code execution vulnerability Description We received an advisory from Norman Hippert and we wish to thank him for his work. The serverdatabases.php script was vulnerable to an attack coming from a user who is...
XSS vulnerability in navigation tree
PMASA-2018-8 Announcement-ID: PMASA-2018-8 Date: 2018-12-07 Summary XSS vulnerability in navigation tree Description A Cross-Site Scripting vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a specially-crafted database/table name. Severity W...
Open redirection
PMASA-2016-57 Announcement-ID: PMASA-2016-57 Date: 2016-11-25 Summary Open redirection Description A vulnerability was discovered where a user can be tricked in to following a link leading to phpMyAdmin, which after authentication redirects to another malicious site. The attacker must sniff the...
Path traversal with SaveDir and UploadDir
PMASA-2016-37 Announcement-ID: PMASA-2016-37 Date: 2016-07-12 Summary Path traversal with SaveDir and UploadDir Description A vulnerability was reported with the %u username replacement functionality of the SaveDir and UploadDir features. When the username substitution is configured, a...
Unsafe handling of preg_replace parameters
PMASA-2016-27 Announcement-ID: PMASA-2016-27 Date: 2016-06-23 Summary Unsafe handling of pregreplace parameters Description In some versions of PHP, it's possible for an attacker to pass parameters to the pregreplace function which can allow the execution of arbitrary PHP code. This code is not...
XSS vulnerability in SQL editor.
PMASA-2016-9 Announcement-ID: PMASA-2016-9 Date: 2016-01-24 Summary XSS vulnerability in SQL editor. Description With a crafted SQL query, it is possible to trigger an XSS attack in the SQL editor. Severity We consider this vulnerability to be non-critical. Mitigation factor This vulnerability ca...
Local file inclusion vulnerability.
PMASA-2013-4 Announcement-ID: PMASA-2013-4 Date: 2013-04-24 Summary Local file inclusion vulnerability. Description In the Export feature, a parameter specifying the export type was not correctly validated, opening the door to a local file inclusion attack. Severity We consider this vulnerability...
Local file inclusion.
PMASA-2011-10 Announcement-ID: PMASA-2011-10 Date: 2011-07-23 Summary Local file inclusion. Description Via a crafted MIME-type transformation parameter, an attacker can perform a local file inclusion. Severity We consider this vulnerability to be serious. Mitigation factor The phpMyAdmin's...
Insufficient output sanitizing when generating configuration file.
PMASA-2010-4 Announcement-ID: PMASA-2010-4 Date: 2010-08-20 Summary Insufficient output sanitizing when generating configuration file. Description The setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration...
Multiple vulnerabilities in setup script
PMASA-2016-44 Announcement-ID: PMASA-2016-44 Date: 2017-01-24 Summary Multiple vulnerabilities in setup script Description A server-side request forgery vulnerability was reported with the setup script. This flaw can allow an unauthenticated attacker to: 1. brute-force passwords of MYSQL servers...
Multiple DOS vulnerabilities
PMASA-2016-65 Announcement-ID: PMASA-2016-65 Date: 2016-11-25 Updated: 2016-12-06 Summary Multiple DOS vulnerabilities Description With a crafted request parameter value it is possible to initiate a denial of service attack in saved searches feature. With a crafted request parameter value it is...
SQL injection attack
PMASA-2016-40 Announcement-ID: PMASA-2016-40 Date: 2016-07-14 Summary SQL injection attack Description A vulnerability was reported where a specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. Severity We consider this...
Multiple full path disclosure vulnerabilities.
PMASA-2016-6 Announcement-ID: PMASA-2016-6 Date: 2016-01-24 Summary Multiple full path disclosure vulnerabilities. Description By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path...
Leakage of line count of an arbitrary file.
PMASA-2014-16 Announcement-ID: PMASA-2014-16 Date: 2014-11-20 Summary Leakage of line count of an arbitrary file. Description In the error reporting feature, a parameter specifying the file was not correctly validated, allowing the attacker to derive the line count of an arbitrary file. Severity ...
XSS in view operations page.
PMASA-2014-9 Announcement-ID: PMASA-2014-9 Date: 2014-08-17 Summary XSS in view operations page. Description With a crafted view name it is possible to trigger an XSS when dropping the view in view operation page. Severity We consider this vulnerability to be non critical. Mitigation factor This...
Self-XSS due to unescaped HTML output in navigation items hiding feature.
PMASA-2014-3 Announcement-ID: PMASA-2014-3 Date: 2014-06-20 Summary Self-XSS due to unescaped HTML output in navigation items hiding feature. Description When hiding or unhiding a crafted table name in the navigation, it is possible to trigger an XSS. Severity We consider this vulnerability to be...
Path disclosure due to insufficient url parameter validation.
PMASA-2011-15 Announcement-ID: PMASA-2011-15 Date: 2011-10-17 Summary Path disclosure due to insufficient url parameter validation. Description When the jsframe parameter of phpmyadmin.css.php is defined as an array, an error message shows the full path of this file, leading to possible further...
XSS in Designer feature
PMASA-2018-3 Announcement-ID: PMASA-2018-3 Date: 2018-06-19 Updated: 2018-06-21 Summary XSS in Designer feature Description A Cross-Site Scripting vulnerability was found in the Designer feature, where an attacker can deliver a payload to a user through a specially-crafted database name. Severity...
XSRF/CSRF vulnerability in phpMyAdmin
PMASA-2017-9 Announcement-ID: PMASA-2017-9 Date: 2017-12-20 Updated: 2018-01-03 Summary XSRF/CSRF vulnerability in phpMyAdmin Description By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc...
Denial of service (DOS) attack with dbase extension
PMASA-2016-55 Announcement-ID: PMASA-2016-55 Date: 2016-07-25 Summary Denial of service DOS attack with dbase extension Description A flaw was discovered where, under certain conditions, phpMyAdmin may not delete temporary files during the import of ESRI files. Severity We consider this...
Referrer leak in url.php
PMASA-2016-50 Announcement-ID: PMASA-2016-50 Date: 2016-07-24 Summary Referrer leak in url.php Description A vulnerability was discovered where an attacker can determine the phpMyAdmin host location through the file url.php. Severity We consider this to be of moderate severity. Affected Versions...
IPv6 and proxy server IP-based authentication rule circumvention
PMASA-2016-47 Announcement-ID: PMASA-2016-47 Date: 2016-07-21 Summary IPv6 and proxy server IP-based authentication rule circumvention Description A vulnerability was discovered where, under certain circumstances, it may be possible to circumvent the phpMyAdmin IP-based authentication rules. When...
Multiple XSS vulnerabilities
PMASA-2016-26 Announcement-ID: PMASA-2016-26 Date: 2016-06-23 Summary Multiple XSS vulnerabilities Description A vulnerability was reported allowing a specially crafted table name to cause an XSS attack through the functionality to check database privileges. This XSS doesn't exist in some...
XSRF/CSRF vulnerability in phpMyAdmin setup.
PMASA-2015-2 Announcement-ID: PMASA-2015-2 Date: 2015-05-13 Summary XSRF/CSRF vulnerability in phpMyAdmin setup. Description By deceiving a user to click on a crafted URL, it is possible to alter the configuration file being generated with phpMyAdmin setup. Severity We consider this vulnerability...
XSS attack on setup script.
PMASA-2010-7 Announcement-ID: PMASA-2010-7 Date: 2010-09-08 Summary XSS attack on setup script. Description It was possible to conduct a XSS attack using spoofed request to setup script. Severity We consider this vulnerability to be non critical. Affected Versions For 3.x: versions before 3.3.7 a...
XSS on plausible insecure PHP installation
PMASA-2008-4 Announcement-ID: PMASA-2008-4 Date: 2008-06-23 Summary XSS on plausible insecure PHP installation Description We received an advisory from Tim Starling Wikimedia, and we wish to thank him for his work. Some scripts in the /libraries directory were vulnerable to XSS. Severity We...
Path disclosure
PMASA-2005-2 Announcement-ID: PMASA-2005-2 Date: 2005-02-26 Summary Path disclosure Description By calling some scripts that are part of phpMyAdmin in an unexpected way especially scripts in the libraries subdirectory, it is possible to trigger phpMyAdmin to display a PHP error message which...
SSRF in replication
PMASA-2017-6 Announcement-ID: PMASA-2017-6 Date: 2017-01-24 Summary SSRF in replication Description For a user with appropriate MySQL privileges it was possible to connect to arbitrary host. Severity We consider this to be non-critical. Mitigation factor The vulnerability is exposed only to MySQL...
Username deny rules bypass (AllowRoot & Others) by using Null Byte
PMASA-2016-60 Announcement-ID: PMASA-2016-60 Date: 2016-11-25 Updated: 2016-12-06 Summary Username deny rules bypass AllowRoot & Others by using Null Byte Description It is possible to bypass AllowRoot restriction $cfg'Servers'$i'AllowRoot' and deny rules for username by using Null Byte in the...
DoS vulnerability with long passwords.
PMASA-2014-17 Announcement-ID: PMASA-2014-17 Date: 2014-12-03 Summary DoS vulnerability with long passwords. Description With very long passwords it was possible to initiate a denial of service attack on phpMyAdmin. Severity We consider this vulnerability to be serious. Mitigation factor This...
Global variables overwrite in "export.php".
PMASA-2013-5 Announcement-ID: PMASA-2013-5 Date: 2013-04-24 Summary Global variables overwrite in "export.php". Description The export script generates global variables from those present in the $$POST superglobal. This may lead to other exploits in the export script. Severity We consider this...
Path disclosure due to missing library.
PMASA-2012-3 Announcement-ID: PMASA-2012-3 Date: 2012-08-09 Summary Path disclosure due to missing library. Description The showconfigerrors.php script does not include a library, so an error message shows the full path of this file, leading to possible further attacks. Severity We consider this...
XSS in export.
PMASA-2011-20 Announcement-ID: PMASA-2011-20 Date: 2011-12-21 Summary XSS in export. Description Using crafted url parameters, it was possible to produce XSS on the export panels in the server, database and table sections. Severity We consider these vulnerabilities to be non critical. Mitigation...
Local file inclusion.
PMASA-2011-17 Announcement-ID: PMASA-2011-17 Date: 2011-11-10 Summary Local file inclusion. Description Importing a specially-crafted XML file which contains an XML entity injection permits to retrieve a local file limited by the privileges of the user running the web server. Severity We consider...
Insufficient output sanitizing when generating configuration file.
PMASA-2009-3 Announcement-ID: PMASA-2009-3 Date: 2009-03-24 Summary Insufficient output sanitizing when generating configuration file. Description Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file...
XSS vulnerability
PMASA-2006-7 Announcement-ID: PMASA-2006-7 Date: 2006-11-17 Summary XSS vulnerability Description We received a security advisory from laurent gaffiƩ and we wish to thank him for his work. It was possible to produce XSS via table and database comment field and through position parameter. Severity...
Bypass URL redirect protection
PMASA-2016-49 Announcement-ID: PMASA-2016-49 Date: 2016-07-24 Summary Bypass URL redirect protection Description A vulnerability was discovered where an attacker could redirect a user to a malicious web page. Severity We consider this to be of moderate severity Affected Versions All 4.6.x version...