228 matches found
XSS vulnerability
PMASA-2006-4 Announcement-ID: PMASA-2006-4 Date: 2006-06-30 Updated: 2006-07-01 Summary XSS vulnerability Description It was possible to craft a request that contains XSS by attacking the "table" parameter. Severity We consider this vulnerability to be serious. Affected Versions Some versions...
Cross-Site Scripting, local and remote code execution vulnerabilities
PMASA-2005-9 Announcement-ID: PMASA-2005-9 Date: 2005-12-07 Summary Cross-Site Scripting, local and remote code execution vulnerabilities Description Two days after the release of version 2.7.0, we received a security advisory from Stefan Esser [email protected] and we wish to thank him for...
Denial of service (DOS) attack by for loops
PMASA-2016-46 Announcement-ID: PMASA-2016-46 Date: 2016-07-26 Summary Denial of service DOS attack by for loops Description A vulnerability has been reported where a malicious authorized user can cause a denial-of-service DOS attack on a server by passing large values to a loop. Severity We...
Self XSS
PMASA-2016-16 Announcement-ID: PMASA-2016-16 Date: 2016-05-25 Updated: 2016-05-26 Summary Self XSS Description A specially crafted attack could allow for special HTML characters to be passed as URL encoded values and displayed back as special characters in the page. Updated to include CVE ID...
Multiple XSS vulnerabilities.
PMASA-2016-11 Announcement-ID: PMASA-2016-11 Date: 2016-02-25 Summary Multiple XSS vulnerabilities. Description By sending a specially crafted URL as part of the HOST header, it is possible to trigger an XSS attack. A weakness was found that allows an XSS attack with Internet Explorer versions...
Vulnerability allowing man-in-the-middle attack on API call to GitHub.
PMASA-2015-3 Announcement-ID: PMASA-2015-3 Date: 2015-05-13 Summary Vulnerability allowing man-in-the-middle attack on API call to GitHub. Description A vulnerability in the API call to GitHub can be exploited to perform a man-in-the-middle attack. Severity We consider this vulnerability to be...
XSS vulnerability in redirection mechanism.
PMASA-2014-18 Announcement-ID: PMASA-2014-18 Date: 2014-12-03 Summary XSS vulnerability in redirection mechanism. Description With a crafted URL it was possible to trigger an XSS in the redirection mechanism in phpMyAdmin. Severity We consider this vulnerability to be non critical. Affected...
Multiple XSS in Table operations, Database structure, Trigger and Visualize GIS data pages.
PMASA-2012-4 Announcement-ID: PMASA-2012-4 Date: 2012-08-16 Summary Multiple XSS in Table operations, Database structure, Trigger and Visualize GIS data pages. Description Using a crafted table name, it was possible to produce a XSS : 1 On the Database Structure page, creating a new table with a...
Multiple XSS in the Tracking feature.
PMASA-2011-13 Announcement-ID: PMASA-2011-13 Date: 2011-08-24 Summary Multiple XSS in the Tracking feature. Description Missing sanitization on the table, column and index names leads to XSS vulnerabilities. Severity We consider this vulnerability to be serious. Mitigation factor An attacker must...
XSS for Microsoft Internet Explorer on several places
PMASA-2008-8 Announcement-ID: PMASA-2008-8 Date: 2008-09-23 Updated: 2008-10-01 Summary XSS for Microsoft Internet Explorer on several places Description We received an advisory from Masako Oono of NetAgent Co.,Ltd. via JPCERT/CC Vulnerability Handling Team and we wish to thank them for their wor...
XSS vulnerability
PMASA-2007-5 Announcement-ID: PMASA-2007-5 Date: 2007-10-15 Summary XSS vulnerability Description We received an advisory from Omer Singer, The DigiTrust Group, and we wish to thank him for his work. It was possible to trigger this attack on setup.php. Severity We consider this vulnerability to b...
XSS vulnerabilities
PMASA-2007-4 Announcement-ID: PMASA-2007-4 Date: 2007-04-24 Updated: 2007-05-17 Summary XSS vulnerabilities Description We received an advisory from Lukasz Plonka "sp3x" SecurityReason and we wish to thank him for his work. It was possible to trigger these attacks on various scripts due to...
XSRF vulnerabilities
PMASA-2006-3 Announcement-ID: PMASA-2006-3 Date: 2006-05-20 Summary XSRF vulnerabilities Description It was possible to inject arbitrary SQL commands by forcing an authenticated user to follow a crafted link. Severity Such issue is quite common in many PHP applications and users should take care...
DOS in replication status
PMASA-2017-7 Announcement-ID: PMASA-2017-7 Date: 2017-01-24 Summary DOS in replication status Description It was possible to trigger DOS in replication status by specially crafted table name. Severity We consider this to be non critical. Affected Versions All 4.6.x versions prior to 4.6.6, 4.4.x...
DOS attack
PMASA-2016-22 Announcement-ID: PMASA-2016-22 Date: 2016-06-23 Summary DOS attack Description A Denial Of Service DOS attack was discovered in the way phpMyAdmin loads some JavaScript files. Severity We consider this to be of moderate severity Affected Versions All 4.6.x versions prior to 4.6.3,...
XSRF/CSRF due to DOM based XSS in the micro history feature
PMASA-2014-10 Announcement-ID: PMASA-2014-10 Date: 2014-09-13 Summary XSRF/CSRF due to DOM based XSS in the micro history feature Description By deceiving a logged-in user to click on a crafted URL, it is possible to perform remote code execution and in some cases, create a root account due to a...
Self-XSS due to unescaped HTML output in recent/favorite tables navigation.
PMASA-2014-2 Announcement-ID: PMASA-2014-2 Date: 2014-06-20 Summary Self-XSS due to unescaped HTML output in recent/favorite tables navigation. Description When marking a crafted database or table name as favorite or having it in recent tables, it is possible to trigger an XSS. Severity We consid...
XSS due to unescaped HTML Output when executing a SQL query.
PMASA-2013-8 Announcement-ID: PMASA-2013-8 Date: 2013-07-28 Updated: 2013-07-30 Summary XSS due to unescaped HTML Output when executing a SQL query. Description Using a crafted SQL query, it was possible to produce an XSS on the SQL query form. Severity We consider these vulnerabilities to be non...
Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages.
PMASA-2012-6 Announcement-ID: PMASA-2012-6 Date: 2012-10-12 Summary Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages. Description When creating/modifying a trigger, event or procedure with a crafted name, it is possible to trigger an XSS. Severity We consider these...
XSS in setup.
PMASA-2011-19 Announcement-ID: PMASA-2011-19 Date: 2011-12-21 Summary XSS in setup. Description Crafted values entered in the setup interface can produce XSS; also, if the config directory exists and is writeable, the XSS payload can be saved to this directory. Severity We consider this...
Cross-site scripting on export page using cookies.
PMASA-2009-2 Announcement-ID: PMASA-2009-2 Date: 2009-03-24 Summary Cross-site scripting on export page using cookies. Description Export page uses cookies to remember user settings of file name template. These cookies could be used for cross-site scripting because they were not sanitized...
XSS and Path Disclosure vulnerabilities
PMASA-2007-2 Announcement-ID: PMASA-2007-2 Date: 2007-01-16 Summary XSS and Path Disclosure vulnerabilities Description We received an advisory from Laurent Gaffié and we wish to thank him for his work. It was possible to trigger these attacks on dbcreate.php and index.php. Severity We consider...
Bad IP Allow/Deny checking
PMASA-2006-9 Announcement-ID: PMASA-2006-9 Date: 2006-11-17 Summary Bad IP Allow/Deny checking Description We received a security advisory from Christian Schmidt, Peytz & Co. and we wish to thank him for his work. It was possible to get around IP-based Allow/Deny checking by faking proxy headers...
Two vulnerabilities were found in phpMyAdmin, that may allow command execution and file disclosure.
PMASA-2004-4 Announcement-ID: PMASA-2004-4 Date: 2004-12-13 Summary Two vulnerabilities were found in phpMyAdmin, that may allow command execution and file disclosure. Description We received a security advisory from Nicolas Gregoire exaprobe.com about those vulnerabilities and we wish to thank h...
When faking table with specific name, an attacker can make phpMyAdmin to execute arbitrary php code and add custom server configuration.
PMASA-2004-1 Announcement-ID: PMASA-2004-1 Date: 2004-06-29 Summary When faking table with specific name, an attacker can make phpMyAdmin to execute arbitrary php code and add custom server configuration. Description phpMyAdmin used eval function to fill some values and one parameter used there w...
XSS in partition range functionality
PMASA-2016-25 Announcement-ID: PMASA-2016-25 Date: 2016-06-23 Summary XSS in partition range functionality Description A vulnerability was reported allowing a specially crafted table parameters to cause an XSS attack through the table structure page. Severity We consider this vulnerability to be...
SQL injection attack
PMASA-2016-19 Announcement-ID: PMASA-2016-19 Date: 2016-06-23 Summary SQL injection attack Description A vulnerability was discovered that allows an SQL injection attack to run arbitrary commands as the control user. Severity We consider this vulnerability to be serious Mitigation factor This...
Vulnerability that allows bypassing the reCaptcha test
PMASA-2015-4 Announcement-ID: PMASA-2015-4 Date: 2015-09-08 Summary Vulnerability that allows bypassing the reCaptcha test Description This vulnerability allows to complete the reCaptcha test and subsequently perform a brute force attack to guess user credentials without having to complete furthe...
XSS vulnerabilities in table search and table structure pages.
PMASA-2014-11 Announcement-ID: PMASA-2014-11 Date: 2014-10-01 Summary XSS vulnerabilities in table search and table structure pages. Description With a crafted ENUM value it is possible to trigger an XSS in table search and table structure pages. Severity We consider this vulnerability to be non...
Full path disclosure vulnerabilities.
PMASA-2013-12 Announcement-ID: PMASA-2013-12 Date: 2013-07-28 Updated: 2013-07-30 Summary Full path disclosure vulnerabilities. Description By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains...
Fetching the version information from a non-SSL site is vulnerable to a MITM attack.
PMASA-2012-7 Announcement-ID: PMASA-2012-7 Date: 2012-10-12 Summary Fetching the version information from a non-SSL site is vulnerable to a MITM attack. Description To display information about the current phpMyAdmin version on the main page, a piece of JavaScript is fetched from the phpmyadmin.n...
Multiple XSS.
PMASA-2011-18 Announcement-ID: PMASA-2011-18 Date: 2011-12-01 Updated: 2011-12-03 Summary Multiple XSS. Description Using crafted database names, it was possible to produce XSS in the Database Synchronize and Database rename panels. Using an invalid and crafted SQL query, it was possible to produ...
XSS vulnerability on Tracking page.
PMASA-2011-3 Announcement-ID: PMASA-2011-3 Date: 2011-05-22 Summary XSS vulnerability on Tracking page. Description It was possible to create a crafted table name that leads to XSS. Severity We consider this vulnerability to be serious. Mitigation factor This vulnerability works in the context of...
XSS vulnerability
PMASA-2007-8 Announcement-ID: PMASA-2007-8 Date: 2007-11-20 Summary XSS vulnerability Description We received an advisory from Tim Brown, Nth Dimension, and we wish to thank him for his work. The login page authtype cookie was vulnerable to XSS via the convcharset parameter. Severity We consider...
DOS attack with forced persistent connections
PMASA-2016-45 Announcement-ID: PMASA-2016-45 Date: 2016-07-21 Summary DOS attack with forced persistent connections Description A vulnerability was discovered where an unauthenticated user is able to execute a denial-of-service DOS attack by forcing persistent connections when phpMyAdmin is runni...
Local file exposure through symlinks with UploadDir
PMASA-2016-36 Announcement-ID: PMASA-2016-36 Date: 2016-07-12 Summary Local file exposure through symlinks with UploadDir Description A vulnerability was found where a user can specially craft a symlink on disk, to a file which phpMyAdmin is permitted to read but the user is not, which phpMyAdmin...
Referrer leak in transformations
PMASA-2016-28 Announcement-ID: PMASA-2016-28 Date: 2016-06-23 Summary Referrer leak in transformations Description A vulnerability was reported where a specially crafted Transformation could be used to leak information including the authentication token. This could be used to direct a CSRF attack...
Unsafe comparison of XSRF/CSRF token.
PMASA-2016-5 Announcement-ID: PMASA-2016-5 Date: 2016-01-24 Summary Unsafe comparison of XSRF/CSRF token. Description The comparison of the XSRF/CSRF token parameter with the value saved in the session is vulnerable to timing attacks. Moreover, the comparison could be bypassed if the XSRF/CSRF...
SQL injection vulnerabilities, producing a privilege escalation (control user).
PMASA-2013-15 Announcement-ID: PMASA-2013-15 Date: 2013-07-28 Updated: 2013-08-06 Summary SQL injection vulnerabilities, producing a privilege escalation control user. Description Due to a missing validation of parameters passed to schemaexport.php and pmdpdf.php, it was possible to inject SQL...
XSS due to unescaped HTML output in Create View page.
PMASA-2013-6 Announcement-ID: PMASA-2013-6 Date: 2013-06-05 Summary XSS due to unescaped HTML output in Create View page. Description When creating a view with a crafted name and an incorrect CREATE statement, it is possible to trigger an XSS. Severity We consider this vulnerability to be non...
SQL injection through XSRF on several pages
PMASA-2008-10 Announcement-ID: PMASA-2008-10 Date: 2008-12-09 Summary SQL injection through XSRF on several pages Description A logged-in user can be subject of SQL injection through cross site request forgery. Several pages which use affected library in phpMyAdmin are vulnerable and the attack c...
XSS on a Designer component
PMASA-2008-9 Announcement-ID: PMASA-2008-9 Date: 2008-10-30 Summary XSS on a Designer component Description A logged-in user can be subject of cross site scripting attack via the pmdpdf.php script. Severity We consider this vulnerability to be serious. Affected Versions For 2.11.x: versions befor...
Cross-site Framing; XSS in setup.php
PMASA-2008-6 Announcement-ID: PMASA-2008-6 Date: 2008-07-28 Summary Cross-site Framing; XSS in setup.php Description We received two advisories from Aung Khant YGN Ethical Hacker Group, and we wish to thank him for his work. It was permitted to display phpMyAdmin's frames inside another page,...
Arbitrary file read vulnerability
PMASA-2019-1 Announcement-ID: PMASA-2019-1 Date: 2019-01-21 Summary Arbitrary file read vulnerability Description When AllowArbitraryServer configuration set to true, with the use of a rogue MySQL server, an attacker can read any file on the server that the web server's user can access. phpMyadmi...
Self XSS in central columns feature
PMASA-2018-1 Announcement-ID: PMASA-2018-1 Date: 2018-02-20 Summary Self XSS in central columns feature Description A self-cross site scripting XSS vulnerability has been reported relating to the central columns feature. Severity We consider this vulnerability to be of moderate severity. Mitigati...
Unsafe generation of blowfish secret
PMASA-2016-58 Announcement-ID: PMASA-2016-58 Date: 2016-11-25 Updated: 2016-12-06 Summary Unsafe generation of blowfish secret Description When the user does not specify a blowfishsecret key for encrypting cookies, phpMyAdmin generates one at runtime. A vulnerability was reported where the way th...
Remote code execution vulnerability when PHP is running with dbase extension
PMASA-2016-56 Announcement-ID: PMASA-2016-56 Date: 2016-07-25 Summary Remote code execution vulnerability when PHP is running with dbase extension Description A vulnerability was discovered where phpMyAdmin can be used to trigger a remote code execution attack against certain PHP installations...
Unvalidated data passed to unserialize()
PMASA-2016-43 Announcement-ID: PMASA-2016-43 Date: 2016-07-15 Summary Unvalidated data passed to unserialize Description A vulnerability was reported where some data is passed to the PHP unserialize function without verification that it's valid serialized data. Due to how the PHP function operate...
SQL injection attack as control user
PMASA-2016-42 Announcement-ID: PMASA-2016-42 Date: 2016-07-15 Summary SQL injection attack as control user Description A vulnerability was discovered in the user interface preference feature where a user can execute an SQL injection attack against the account of the control user. Severity We...
SQL injection attack
PMASA-2016-34 Announcement-ID: PMASA-2016-34 Date: 2016-07-12 Summary SQL injection attack Description A vulnerability was reported where a specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. Severity We consider this...