XSS in replication setup.
PMASA-2012-1 | Announcement-ID: PMASA-2012-1 | Date: 2012-02-18 | Summary: XSS in replication setup. | Description: It was possible to conduct XSS using a crafted database name. | Severity: We consider this vulnerability to be non critical. | Mitigation factor: The victim would have to willingly click on a...
XSS in setup.
PMASA-2011-19 | Announcement-ID: PMASA-2011-19 | Date: 2011-12-21 | Summary: XSS in setup. | Description: Crafted values entered in the setup interface can produce XSS; also, if the config directory exists and is writable, the XSS payload can be saved to this directory. | Severity: We consider this...
XSS in export.
PMASA-2011-20 | Announcement-ID: PMASA-2011-20 | Date: 2011-12-21 | Summary: XSS in export. | Description: Using crafted URL parameters, it was possible to produce XSS on the export panels in the server, database and table sections. | Severity: We consider these vulnerabilities to be non critical. | Mitigation...
Multiple XSS.
PMASA-2011-18 | Announcement-ID: PMASA-2011-18 | Date: 2011-12-01 | Updated: 2011-12-03 | Summary: Multiple XSS. | Description: Using crafted database names, it was possible to produce XSS in the Database Synchronize and Database rename panels. Using an invalid and crafted SQL query, it was possible to produ...
Local file inclusion.
PMASA-2011-17 | Announcement-ID: PMASA-2011-17 | Date: 2011-11-10 | Summary: Local file inclusion. | Description: Importing a specially-crafted XML file which contains an XML entity injection permits retrieving a local file, limited by the privileges of the user running the web server. | Severity: We consider...
XSS in setup.
PMASA-2011-16 | Announcement-ID: PMASA-2011-16 | Date: 2011-10-17 | Summary: XSS in setup. | Description: Crafted values entered in the setup interface can produce XSS; also, if the config directory exists and is writable, the XSS payload can be saved to this directory. | Severity: We consider this...
Path disclosure due to insufficient URL parameter validation.
PMASA-2011-15 | Announcement-ID: PMASA-2011-15 | Date: 2011-10-17 | Summary: Path disclosure due to insufficient URL parameter validation. | Description: When the js_frame parameter of phpmyadmin.css.php is defined as an array, an error message shows the full path of this file, leading to possible further...
Multiple XSS.
PMASA-2011-14 | Announcement-ID: PMASA-2011-14 | Date: 2011-09-14 | Summary: Multiple XSS. | Description: Firstly, if a row contains JavaScript code, after inline editing this row and saving, the code is executed. Secondly, missing sanitization on the db, table and column names leads to XSS vulnerabilities...
Multiple XSS in the Tracking feature.
PMASA-2011-13 | Announcement-ID: PMASA-2011-13 | Date: 2011-08-24 | Summary: Multiple XSS in the Tracking feature. | Description: Missing sanitization on the table, column and index names leads to XSS vulnerabilities. | Severity: We consider this vulnerability to be serious. | Mitigation factor: An attacker must...
Local file inclusion.
PMASA-2011-10 | Announcement-ID: PMASA-2011-10 | Date: 2011-07-23 | Summary: Local file inclusion. | Description: Via a crafted MIME-type transformation parameter, an attacker can perform a local file inclusion. | Severity: We consider this vulnerability to be serious. | Mitigation factor: The phpMyAdmin's...
XSS in table Print view.
PMASA-2011-9 | Announcement-ID: PMASA-2011-9 | Date: 2011-07-23 | Summary: XSS in table Print view. | Description: The attacker must trick the victim into clicking a link that reaches phpMyAdmin's table print view script; one of the link's parameters is a crafted table name, the name containing JavaScript...
Local file inclusion vulnerability and code execution.
PMASA-2011-11 | Announcement-ID: PMASA-2011-11 | Date: 2011-07-23 | Summary: Local file inclusion vulnerability and code execution. | Description: In the 'relational schema' code a parameter was not sanitized before being used to concatenate a class name. | Severity: We consider this vulnerability to be...
Possible superglobal and local variables manipulation in swekey authentication.
PMASA-2011-12 | Announcement-ID: PMASA-2011-12 | Date: 2011-07-23 | Updated: 2011-07-25 | Summary: Possible superglobal and local variables manipulation in swekey authentication. | Description: It was possible to manipulate the PHP superglobals including SESSION using some of the Swekey authentication code...
Possible directory traversal.
PMASA-2011-8 | Announcement-ID: PMASA-2011-8 | Date: 2011-07-02 | Summary: Possible directory traversal. | Description: Fixed filtering of a file path in the MIME-type transformation code, which allowed for directory traversal. | Severity: We consider this vulnerability to be serious. | Affected Versions: The...
Possible session manipulation in Swekey authentication.
PMASA-2011-5 | Announcement-ID: PMASA-2011-5 | Date: 2011-07-02 | Updated: 2011-07-03 | Summary: Possible session manipulation in Swekey authentication. | Description: It was possible to manipulate the PHP session superglobal using some of the Swekey authentication code. This could open a path for other...
Regular expression quoting issue in Synchronize code.
PMASA-2011-7 | Announcement-ID: PMASA-2011-7 | Date: 2011-07-02 | Updated: 2011-07-04 | Summary: Regular expression quoting issue in Synchronize code. | Description: Through a possible bug in PHP, a null byte can truncate the pattern string allowing an attacker to inject the /e modifier causing the pregrepla...
Possible code injection in setup script in case session variables are compromised.
PMASA-2011-6 | Announcement-ID: PMASA-2011-6 | Date: 2011-07-02 | Summary: Possible code injection in setup script in case session variables are compromised. | Description: An unsanitized key from the Servers array is written in a comment of the generated config. An attacker can modify this key by modifyin...
URL redirection to untrusted site.
PMASA-2011-4 | Announcement-ID: PMASA-2011-4 | Date: 2011-05-22 | Summary: URL redirection to untrusted site. | Description: It was possible to redirect to an arbitrary, untrusted site, leading to a possible phishing attack. | Severity: We consider this vulnerability to be serious. | Affected Versions: The 3.4.0...
XSS vulnerability on Tracking page.
PMASA-2011-3 | Announcement-ID: PMASA-2011-3 | Date: 2011-05-22 | Summary: XSS vulnerability on Tracking page. | Description: It was possible to create a crafted table name that leads to XSS. | Severity: We consider this vulnerability to be serious. | Mitigation factor: This vulnerability works in the context of...
SQL query could be executed under another user.
PMASA-2011-2 | Announcement-ID: PMASA-2011-2 | Date: 2011-02-11 | Summary: SQL query could be executed under another user. | Description: It was possible to create a bookmark which would be executed unintentionally by other users. | Severity: We consider this vulnerability to be critical. | Mitigation factor: To...
Path disclosure when some files have been removed.
PMASA-2011-1 | Announcement-ID: PMASA-2011-1 | Date: 2011-02-08 | Summary: Path disclosure when some files have been removed. | Description: When the files README, ChangeLog or LICENSE have been removed from their original place (possibly by the distributor), the scripts used to display these files can show...
Unvalidated input on error page.
PMASA-2010-9 | Announcement-ID: PMASA-2010-9 | Date: 2010-12-07 | Updated: 2010-02-16 | Summary: Unvalidated input on error page. | Description: It was possible to display arbitrary text and link to an external site using parameters passed to a particular script. | Severity: This issue is considered minor, because t...
Possible information disclosure.
PMASA-2010-10 | Announcement-ID: PMASA-2010-10 | Date: 2010-12-07 | Updated: 2010-02-16 | Summary: Possible information disclosure. | Description: An unauthenticated user was able to display phpinfo output if phpMyAdmin was configured to show it. | Severity: The issue is considered minor, because this feature is not...
XSS attack in database search.
PMASA-2010-8 | Announcement-ID: PMASA-2010-8 | Date: 2010-11-29 | Summary: XSS attack in database search. | Description: It was possible to conduct an XSS attack using a spoofed request on the db search script. | Severity: We consider this vulnerability to be non critical. | Affected Versions: For 3.x: versions...
XSS attack on setup script.
PMASA-2010-7 | Announcement-ID: PMASA-2010-7 | Date: 2010-09-08 | Summary: XSS attack on setup script. | Description: It was possible to conduct an XSS attack using a spoofed request to the setup script. | Severity: We consider this vulnerability to be non critical. | Affected Versions: For 3.x: versions before 3.3.7 a...
XSS attack using debugging messages.
PMASA-2010-6 | Announcement-ID: PMASA-2010-6 | Date: 2010-08-30 | Summary: XSS attack using debugging messages. | Description: It was possible to conduct an XSS attack using error messages in the PHP backtrace. | Severity: We consider this vulnerability to be non critical. | Mitigation factor: Additional steps from...
Insufficient output sanitizing when generating configuration file.
PMASA-2010-4 | Announcement-ID: PMASA-2010-4 | Date: 2010-08-20 | Summary: Insufficient output sanitizing when generating configuration file. | Description: The setup script used to generate the configuration can be fooled using a crafted POST request to include arbitrary PHP code in the generated configuration...
Several XSS vulnerabilities were found in the code.
PMASA-2010-5 | Announcement-ID: PMASA-2010-5 | Date: 2010-08-20 | Summary: Several XSS vulnerabilities were found in the code. | Description: It was possible to conduct an XSS attack using crafted URLs or POST parameters on several pages. | Severity: We consider this vulnerability to be serious. | Mitigation...
Unsafe usage of unserialize function.
PMASA-2010-3 | Announcement-ID: PMASA-2010-3 | Date: 2010-01-15 | Updated: 2010-01-27 | Summary: Unsafe usage of unserialize function. | Description: phpMyAdmin used the unserialize PHP function on potentially unsafe data in the setup script, which could potentially be used for an XSRF attack, which can lead to code...
Unsafe handling of temporary files
PMASA-2010-2 | Announcement-ID: PMASA-2010-2 | Date: 2010-01-15 | Summary: Unsafe handling of temporary files. | Description: phpMyAdmin created temporary files with predictable file names. | Severity: We consider these vulnerabilities to be not critical. | Affected Versions: For 2.11.x: versions before 2.11.10 ar...
Unsafe handling of temporary directory
PMASA-2010-1 | Announcement-ID: PMASA-2010-1 | Date: 2010-01-15 | Summary: Unsafe handling of temporary directory. | Description: phpMyAdmin used to automatically create a world-writable temporary directory, which could be misused. | Severity: We consider these vulnerabilities to be not critical...
XSS and SQL injection vulnerabilities
PMASA-2009-6 | Announcement-ID: PMASA-2009-6 | Date: 2009-10-13 | Summary: XSS and SQL injection vulnerabilities. | Description: A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via a crafted MySQL table name. An SQL injection vulnerability allows remote...
XSS vulnerability
PMASA-2009-5 | Announcement-ID: PMASA-2009-5 | Date: 2009-06-30 | Summary: XSS vulnerability. | Description: It was possible to conduct an XSS attack via a crafted SQL bookmark. | Severity: We consider this vulnerability to be serious. | Affected Versions: For 2.11.x: versions are not affected. For 3.x: All 3.x...
Insufficient output sanitizing when generating configuration file.
PMASA-2009-4 | Announcement-ID: PMASA-2009-4 | Date: 2009-04-14 | Summary: Insufficient output sanitizing when generating configuration file. | Description: The setup script used to generate the configuration can be fooled using a crafted POST request to include arbitrary PHP code in the generated configuration file...
Insufficient output sanitizing when generating configuration file.
PMASA-2009-3 | Announcement-ID: PMASA-2009-3 | Date: 2009-03-24 | Summary: Insufficient output sanitizing when generating configuration file. | Description: The setup script used to generate the configuration can be fooled using a crafted POST request to include arbitrary PHP code in the generated configuration file...
HTTP Response Splitting and file inclusion vulnerability.
PMASA-2009-1 | Announcement-ID: PMASA-2009-1 | Date: 2009-03-24 | Summary: HTTP Response Splitting and file inclusion vulnerability. | Description: The BLOB streaming feature allowed an attacker to include arbitrary files and inject HTTP headers using crafted URL parameters. | Severity: We consider this...
Cross-site scripting on export page using cookies.
PMASA-2009-2 | Announcement-ID: PMASA-2009-2 | Date: 2009-03-24 | Summary: Cross-site scripting on export page using cookies. | Description: The export page uses cookies to remember the user's file name template setting. These cookies could be used for cross-site scripting because they were not sanitized...
SQL injection through XSRF on several pages
PMASA-2008-10 | Announcement-ID: PMASA-2008-10 | Date: 2008-12-09 | Summary: SQL injection through XSRF on several pages. | Description: A logged-in user can be the subject of SQL injection through cross-site request forgery. Several pages which use the affected library in phpMyAdmin are vulnerable and the attack c...
XSS on a Designer component
PMASA-2008-9 | Announcement-ID: PMASA-2008-9 | Date: 2008-10-30 | Summary: XSS on a Designer component. | Description: A logged-in user can be the subject of a cross-site scripting attack via the pmd_pdf.php script. | Severity: We consider this vulnerability to be serious. | Affected Versions: For 2.11.x: versions befor...
XSS for Microsoft Internet Explorer on several places
PMASA-2008-8 | Announcement-ID: PMASA-2008-8 | Date: 2008-09-23 | Updated: 2008-10-01 | Summary: XSS for Microsoft Internet Explorer on several places. | Description: We received an advisory from Masako Oono of NetAgent Co., Ltd. via JPCERT/CC Vulnerability Handling Team and we wish to thank them for their wor...
Code execution vulnerability
PMASA-2008-7 | Announcement-ID: PMASA-2008-7 | Date: 2008-09-15 | Updated: 2008-09-17 | Summary: Code execution vulnerability. | Description: We received an advisory from Norman Hippert and we wish to thank him for his work. The server_databases.php script was vulnerable to an attack coming from a user who is...
Cross-site Framing; XSS in setup.php
PMASA-2008-6 | Announcement-ID: PMASA-2008-6 | Date: 2008-07-28 | Summary: Cross-site Framing; XSS in setup.php. | Description: We received two advisories from Aung Khant (YGN Ethical Hacker Group), and we wish to thank him for his work. It was permitted to display phpMyAdmin's frames inside another page,...
XSRF/CSRF for creating a database and modifying user charset
PMASA-2008-5 | Announcement-ID: PMASA-2008-5 | Date: 2008-07-15 | Updated: 2008-07-16 | Summary: XSRF/CSRF for creating a database and modifying user charset. | Description: We received an advisory from Aung Khant (YGN Ethical Hacker Group), and we wish to thank him for his work. A logged-in user, if abused int...
XSS on plausible insecure PHP installation
PMASA-2008-4 | Announcement-ID: PMASA-2008-4 | Date: 2008-06-23 | Summary: XSS on plausible insecure PHP installation. | Description: We received an advisory from Tim Starling (Wikimedia), and we wish to thank him for his work. Some scripts in the /libraries directory were vulnerable to XSS. | Severity: We...
File disclosure on shared hosts via a crafted HTTP POST request.
PMASA-2008-3 | Announcement-ID: PMASA-2008-3 | Date: 2008-04-22 | Updated: 2008-04-27 | Summary: File disclosure on shared hosts via a crafted HTTP POST request. | Description: We received an advisory from Cezary Tomczak, and we wish to thank him for his work. It is possible to read the contents of any file...
Credentials disclosure on shared hosts via session data
PMASA-2008-2 | Announcement-ID: PMASA-2008-2 | Date: 2008-03-29 | Summary: Credentials disclosure on shared hosts via session data. | Description: We received an advisory from Jim Hermann, and we wish to thank him for his work. phpMyAdmin saves sensitive information like the MySQL username and password and...
SQL injection vulnerability (Delayed Cross Site Request Forgery)
PMASA-2008-1 | Announcement-ID: PMASA-2008-1 | Date: 2008-03-01 | Updated: 2008-03-03 | Summary: SQL injection vulnerability (Delayed Cross Site Request Forgery). | Description: We received an advisory from Richard Cunningham, and we wish to thank him for his work. phpMyAdmin used the $_REQUEST superglobal as a...
XSS vulnerability
PMASA-2007-8 | Announcement-ID: PMASA-2007-8 | Date: 2007-11-20 | Summary: XSS vulnerability. | Description: We received an advisory from Tim Brown, Nth Dimension, and we wish to thank him for his work. The login page authtype cookie was vulnerable to XSS via the convcharset parameter. | Severity: We consider...
XSS vulnerabilities
PMASA-2007-7 | Announcement-ID: PMASA-2007-7 | Date: 2007-11-11 | Summary: XSS vulnerabilities. | Description: We received an advisory from Omer Singer, The DigiTrust Group, and we wish to thank him for his work. It was possible to create a malicious database name that contains XSS code. Our team fixed...
XSS vulnerabilities
PMASA-2007-6 | Announcement-ID: PMASA-2007-6 | Date: 2007-10-17 | Updated: 2007-10-24 | Summary: XSS vulnerabilities. | Description: We received an advisory from Omer Singer, The DigiTrust Group, and we wish to thank him for his work. It was possible to trigger this attack on server_status.php. Our team fixed...