Cross-site scripting on export page using cookies.

PMASA-2009-2 Announcement-ID: PMASA-2009-2 Date: 2009-03-24 Summary Cross-site scripting on export page using cookies. Description Export page uses cookies to remember user settings of file name template. These cookies could be used for cross-site scripting because they were not sanitized...

XSS vulnerability

PMASA-2007-5 Announcement-ID: PMASA-2007-5 Date: 2007-10-15 Summary XSS vulnerability Description We received an advisory from Omer Singer, The DigiTrust Group, and we wish to thank him for his work. It was possible to trigger this attack on setup.php. Severity We consider this vulnerability to b...

XSRF vulnerabilities

PMASA-2006-3 Announcement-ID: PMASA-2006-3 Date: 2006-05-20 Summary XSRF vulnerabilities Description It was possible to inject arbitrary SQL commands by forcing an authenticated user to follow a crafted link. Severity Such issue is quite common in many PHP applications and users should take care...

Cross-Site Scripting, local and remote code execution vulnerabilities

PMASA-2005-9 Announcement-ID: PMASA-2005-9 Date: 2005-12-07 Summary Cross-Site Scripting, local and remote code execution vulnerabilities Description Two days after the release of version 2.7.0, we received a security advisory from Stefan Esser [email protected] and we wish to thank him for...

XSS in the import dialog

PMASA-2018-5 Announcement-ID: PMASA-2018-5 Date: 2018-08-21 Summary XSS in the import dialog Description A Cross-Site Scripting vulnerability was found in the file import feature, where an attacker can deliver a payload to a user through importing a specially-crafted file. Severity We consider th...

Denial of service (DOS) attack by for loops

PMASA-2016-46 Announcement-ID: PMASA-2016-46 Date: 2016-07-26 Summary Denial of service DOS attack by for loops Description A vulnerability has been reported where a malicious authorized user can cause a denial-of-service DOS attack on a server by passing large values to a loop. Severity We...

Self XSS

PMASA-2016-16 Announcement-ID: PMASA-2016-16 Date: 2016-05-25 Updated: 2016-05-26 Summary Self XSS Description A specially crafted attack could allow for special HTML characters to be passed as URL encoded values and displayed back as special characters in the page. Updated to include CVE ID...

XSS vulnerability in redirection mechanism.

PMASA-2014-18 Announcement-ID: PMASA-2014-18 Date: 2014-12-03 Summary XSS vulnerability in redirection mechanism. Description With a crafted URL it was possible to trigger an XSS in the redirection mechanism in phpMyAdmin. Severity We consider this vulnerability to be non critical. Affected...

XSRF/CSRF due to DOM based XSS in the micro history feature

PMASA-2014-10 Announcement-ID: PMASA-2014-10 Date: 2014-09-13 Summary XSRF/CSRF due to DOM based XSS in the micro history feature Description By deceiving a logged-in user to click on a crafted URL, it is possible to perform remote code execution and in some cases, create a root account due to a...

XSS due to unescaped HTML Output when executing a SQL query.

PMASA-2013-8 Announcement-ID: PMASA-2013-8 Date: 2013-07-28 Updated: 2013-07-30 Summary XSS due to unescaped HTML Output when executing a SQL query. Description Using a crafted SQL query, it was possible to produce an XSS on the SQL query form. Severity We consider these vulnerabilities to be non...

Fetching the version information from a non-SSL site is vulnerable to a MITM attack.

PMASA-2012-7 Announcement-ID: PMASA-2012-7 Date: 2012-10-12 Summary Fetching the version information from a non-SSL site is vulnerable to a MITM attack. Description To display information about the current phpMyAdmin version on the main page, a piece of JavaScript is fetched from the phpmyadmin.n...

Multiple XSS in Table operations, Database structure, Trigger and Visualize GIS data pages.

PMASA-2012-4 Announcement-ID: PMASA-2012-4 Date: 2012-08-16 Summary Multiple XSS in Table operations, Database structure, Trigger and Visualize GIS data pages. Description Using a crafted table name, it was possible to produce a XSS : 1 On the Database Structure page, creating a new table with a...

Possible superglobal and local variables manipulation in swekey authentication.

PMASA-2011-12 Announcement-ID: PMASA-2011-12 Date: 2011-07-23 Updated: 2011-07-25 Summary Possible superglobal and local variables manipulation in swekey authentication. Description It was possible to manipulate the PHP superglobals including SESSION using some of the Swekey authentication code...

XSS and Path Disclosure vulnerabilities

PMASA-2007-2 Announcement-ID: PMASA-2007-2 Date: 2007-01-16 Summary XSS and Path Disclosure vulnerabilities Description We received an advisory from Laurent Gaffié and we wish to thank him for his work. It was possible to trigger these attacks on dbcreate.php and index.php. Severity We consider...

Bad IP Allow/Deny checking

PMASA-2006-9 Announcement-ID: PMASA-2006-9 Date: 2006-11-17 Summary Bad IP Allow/Deny checking Description We received a security advisory from Christian Schmidt, Peytz & Co. and we wish to thank him for his work. It was possible to get around IP-based Allow/Deny checking by faking proxy headers...

Multiple XSS vulnerabilities

PMASA-2016-64 Announcement-ID: PMASA-2016-64 Date: 2016-11-25 Updated: 2016-12-06 Summary Multiple XSS vulnerabilities Description Several XSS vulnerabilities have been reported, including an improper fix for PMASA-2016-10 and a weakness in a regular expression using in some JavaScript processing...

Bypass logout timeout

PMASA-2016-62 Announcement-ID: PMASA-2016-62 Date: 2016-11-25 Updated: 2016-12-06 Summary Bypass logout timeout Description With a crafted request parameter value it is possible to bypass the logout timeout. Severity We consider this vulnerability to be of moderate severity. Affected Versions All...

Referrer leak in transformations

PMASA-2016-28 Announcement-ID: PMASA-2016-28 Date: 2016-06-23 Summary Referrer leak in transformations Description A vulnerability was reported where a specially crafted Transformation could be used to leak information including the authentication token. This could be used to direct a CSRF attack...

Unsafe comparison of XSRF/CSRF token.

PMASA-2016-5 Announcement-ID: PMASA-2016-5 Date: 2016-01-24 Summary Unsafe comparison of XSRF/CSRF token. Description The comparison of the XSRF/CSRF token parameter with the value saved in the session is vulnerable to timing attacks. Moreover, the comparison could be bypassed if the XSRF/CSRF...

Vulnerability that allows bypassing the reCaptcha test

PMASA-2015-4 Announcement-ID: PMASA-2015-4 Date: 2015-09-08 Summary Vulnerability that allows bypassing the reCaptcha test Description This vulnerability allows to complete the reCaptcha test and subsequently perform a brute force attack to guess user credentials without having to complete furthe...

Local file inclusion vulnerability.

PMASA-2014-14 Announcement-ID: PMASA-2014-14 Date: 2014-11-20 Summary Local file inclusion vulnerability. Description In the GIS editor feature, a parameter specifying the geometry type was not correcly validated, opening the door to a local file inclusion attack. Severity We consider this...

XSS in setup.

PMASA-2011-19 Announcement-ID: PMASA-2011-19 Date: 2011-12-21 Summary XSS in setup. Description Crafted values entered in the setup interface can produce XSS; also, if the config directory exists and is writeable, the XSS payload can be saved to this directory. Severity We consider this...

Multiple XSS.

PMASA-2011-18 Announcement-ID: PMASA-2011-18 Date: 2011-12-01 Updated: 2011-12-03 Summary Multiple XSS. Description Using crafted database names, it was possible to produce XSS in the Database Synchronize and Database rename panels. Using an invalid and crafted SQL query, it was possible to produ...

SQL injection through XSRF on several pages

PMASA-2008-10 Announcement-ID: PMASA-2008-10 Date: 2008-12-09 Summary SQL injection through XSRF on several pages Description A logged-in user can be subject of SQL injection through cross site request forgery. Several pages which use affected library in phpMyAdmin are vulnerable and the attack c...

Cross-site Framing; XSS in setup.php

PMASA-2008-6 Announcement-ID: PMASA-2008-6 Date: 2008-07-28 Summary Cross-site Framing; XSS in setup.php Description We received two advisories from Aung Khant YGN Ethical Hacker Group, and we wish to thank him for his work. It was permitted to display phpMyAdmin's frames inside another page,...

XSS vulnerability

PMASA-2007-8 Announcement-ID: PMASA-2007-8 Date: 2007-11-20 Summary XSS vulnerability Description We received an advisory from Tim Brown, Nth Dimension, and we wish to thank him for his work. The login page authtype cookie was vulnerable to XSS via the convcharset parameter. Severity We consider...

XSS vulnerabilities

PMASA-2007-4 Announcement-ID: PMASA-2007-4 Date: 2007-04-24 Updated: 2007-05-17 Summary XSS vulnerabilities Description We received an advisory from Lukasz Plonka "sp3x" SecurityReason and we wish to thank him for his work. It was possible to trigger these attacks on various scripts due to...

DOS vulnerabiltiy in table editing

PMASA-2017-3 Announcement-ID: PMASA-2017-3 Date: 2017-01-24 Summary DOS vulnerabiltiy in table editing Description It was possible to trigger recursive include operation by crafter parameters when editing table data. Severity We consider this to be non critical. Mitigation factor Do not click on...

DOS attack with forced persistent connections

PMASA-2016-45 Announcement-ID: PMASA-2016-45 Date: 2016-07-21 Summary DOS attack with forced persistent connections Description A vulnerability was discovered where an unauthenticated user is able to execute a denial-of-service DOS attack by forcing persistent connections when phpMyAdmin is runni...

SQL injection attack

PMASA-2016-19 Announcement-ID: PMASA-2016-19 Date: 2016-06-23 Summary SQL injection attack Description A vulnerability was discovered that allows an SQL injection attack to run arbitrary commands as the control user. Severity We consider this vulnerability to be serious Mitigation factor This...

XSS in partition range functionality

PMASA-2016-25 Announcement-ID: PMASA-2016-25 Date: 2016-06-23 Summary XSS in partition range functionality Description A vulnerability was reported allowing a specially crafted table parameters to cause an XSS attack through the table structure page. Severity We consider this vulnerability to be...

DOS attack

PMASA-2016-22 Announcement-ID: PMASA-2016-22 Date: 2016-06-23 Summary DOS attack Description A Denial Of Service DOS attack was discovered in the way phpMyAdmin loads some JavaScript files. Severity We consider this to be of moderate severity Affected Versions All 4.6.x versions prior to 4.6.3,...

XSS vulnerabilities in table search and table structure pages.

PMASA-2014-11 Announcement-ID: PMASA-2014-11 Date: 2014-10-01 Summary XSS vulnerabilities in table search and table structure pages. Description With a crafted ENUM value it is possible to trigger an XSS in table search and table structure pages. Severity We consider this vulnerability to be non...

SQL injection vulnerabilities, producing a privilege escalation (control user).

PMASA-2013-15 Announcement-ID: PMASA-2013-15 Date: 2013-07-28 Updated: 2013-08-06 Summary SQL injection vulnerabilities, producing a privilege escalation control user. Description Due to a missing validation of parameters passed to schemaexport.php and pmdpdf.php, it was possible to inject SQL...

XSS due to unescaped HTML output in Create View page.

PMASA-2013-6 Announcement-ID: PMASA-2013-6 Date: 2013-06-05 Summary XSS due to unescaped HTML output in Create View page. Description When creating a view with a crafted name and an incorrect CREATE statement, it is possible to trigger an XSS. Severity We consider this vulnerability to be non...

Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages.

PMASA-2012-6 Announcement-ID: PMASA-2012-6 Date: 2012-10-12 Summary Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages. Description When creating/modifying a trigger, event or procedure with a crafted name, it is possible to trigger an XSS. Severity We consider these...

XSS on a Designer component

PMASA-2008-9 Announcement-ID: PMASA-2008-9 Date: 2008-10-30 Summary XSS on a Designer component Description A logged-in user can be subject of cross site scripting attack via the pmdpdf.php script. Severity We consider this vulnerability to be serious. Affected Versions For 2.11.x: versions befor...

DOS in replication status

PMASA-2017-7 Announcement-ID: PMASA-2017-7 Date: 2017-01-24 Summary DOS in replication status Description It was possible to trigger DOS in replication status by specially crafted table name. Severity We consider this to be non critical. Affected Versions All 4.6.x versions prior to 4.6.6, 4.4.x...

Unvalidated data passed to unserialize()

PMASA-2016-43 Announcement-ID: PMASA-2016-43 Date: 2016-07-15 Summary Unvalidated data passed to unserialize Description A vulnerability was reported where some data is passed to the PHP unserialize function without verification that it's valid serialized data. Due to how the PHP function operate...

SQL injection attack as control user

PMASA-2016-42 Announcement-ID: PMASA-2016-42 Date: 2016-07-15 Summary SQL injection attack as control user Description A vulnerability was discovered in the user interface preference feature where a user can execute an SQL injection attack against the account of the control user. Severity We...

Local file exposure through symlinks with UploadDir

PMASA-2016-36 Announcement-ID: PMASA-2016-36 Date: 2016-07-12 Summary Local file exposure through symlinks with UploadDir Description A vulnerability was found where a user can specially craft a symlink on disk, to a file which phpMyAdmin is permitted to read but the user is not, which phpMyAdmin...

Multiple XSS vulnerabilities

PMASA-2016-30 Announcement-ID: PMASA-2016-30 Date: 2016-07-07 Updated: 2016-11-24 Summary Multiple XSS vulnerabilities Description Multiple vulnerabilities have been discovered in the following areas of phpMyAdmin: Zoom search: Specially crafted column content can be used to trigger an XSS attack...

Full path disclosure vulnerabilities.

PMASA-2013-12 Announcement-ID: PMASA-2013-12 Date: 2013-07-28 Updated: 2013-07-30 Summary Full path disclosure vulnerabilities. Description By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains...

XSRF (Cross Site Request Forgery) vulnerabilities

PMASA-2006-5 Announcement-ID: PMASA-2006-5 Date: 2006-10-01 Summary XSRF Cross Site Request Forgery vulnerabilities Description We received a security advisory from Stefan Esser [email protected] and we wish to thank him for his work. It was possible to inject arbitrary SQL commands by...

When faking table with specific name, an attacker can make phpMyAdmin to execute arbitrary php code and add custom server configuration.

PMASA-2004-1 Announcement-ID: PMASA-2004-1 Date: 2004-06-29 Summary When faking table with specific name, an attacker can make phpMyAdmin to execute arbitrary php code and add custom server configuration. Description phpMyAdmin used eval function to fill some values and one parameter used there w...

XSS when checking tables

PMASA-2025-1 Announcement-ID: PMASA-2025-1 Date: 2025-01-20 Updated: 2025-01-23 Summary XSS when checking tables Description An XSS vulnerability has been discovered with the phpMyAdmin "Check tables" feature. A specially–crafted table or database name could be used to trigger an XSS attack...

CSRF token not stripped from the URL

PMASA-2016-71 Announcement-ID: PMASA-2016-71 Date: 2016-11-25 Updated: 2016-12-06 Summary CSRF token not stripped from the URL Description When the argseparator is different from its default value of &, the token was not properly stripped from the return URL of the preference import action...

SQL injection attack

PMASA-2016-34 Announcement-ID: PMASA-2016-34 Date: 2016-07-12 Summary SQL injection attack Description A vulnerability was reported where a specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. Severity We consider this...

Multiple full path disclosure vulnerabilities

PMASA-2016-23 Announcement-ID: PMASA-2016-23 Date: 2016-06-23 Summary Multiple full path disclosure vulnerabilities Description This PMASA contains information on multiple full-path disclosure vulnerabilities reported in phpMyAdmin. By specially crafting requests in the following areas, it is...

ClickJacking protection can be bypassed.

PMASA-2013-10 Announcement-ID: PMASA-2013-10 Date: 2013-08-04 Updated: 2013-08-05 Summary ClickJacking protection can be bypassed. Description phpMyAdmin has a number of mechanisms to avoid a clickjacking attack, however these mechanisms either work only in modern browser versions, or can be...