Lucene search
RootSSV:30007HistoryJan 04, 2012 - 12:00 a.m.
phpMyAdmin 3.4.9之前版本多个跨站脚本执行漏洞
2012-01-0400:00:00
Root
www.seebug.org
21
0.003 Low
EPSS
Percentile
63.6%
BUGTRAQ ID: 51226
CVE ID: CVE-2011-4780
phpMyAdmin是一个用PHP编写的,可以通过web方式控制和操作MySQL数据库。
phpMyAdmin在libraries/display_export.lib.php的实现上存在多个跨站脚本执行漏洞,通过特制的URL参数,攻击者可利用这些漏洞在服务器、数据库、表格的导出面板上造成XSS,可在受影响站点的用户浏览器中执行任意脚本代码,窃取Cookie身份验证凭证。
0
phpMyAdmin 3.4.x
厂商补丁:
phpMyAdmin
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
Related
prion
prion
Cross site scripting
2011-12-22 20:55:00
cve
cve
CVE-2011-4780
2011-12-22 20:55:00
phpmyadmin
phpmyadmin
XSS in export.
2011-12-21 00:00:00
ubuntucve
ubuntucve
CVE-2011-4780
2011-12-22 00:00:00
cvelist
cvelist
CVE-2011-4780
2011-12-22 20:00:00
debiancve
debiancve
CVE-2011-4780
2011-12-22 20:55:00
nessus
nessus
Fedora 16 : phpMyAdmin-3.4.9-1.fc16 (2011-17369)
2012-01-03 00:00:00
Fedora 15 : phpMyAdmin-3.4.9-1.fc15 (2011-17370)
2012-01-03 00:00:00
openSUSE Security Update : phpMyAdmin (openSUSE-2012-18)
2014-06-13 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: phpMyAdmin-3.4.9-1.fc15
2012-01-01 21:21:23
[SECURITY] Fedora 16 Update: phpMyAdmin-3.4.9-1.fc16
2012-01-01 21:24:07
openvas
openvas
Fedora Update for phpMyAdmin FEDORA-2011-17369
2012-04-02 00:00:00
FreeBSD Ports: phpMyAdmin
2012-02-13 00:00:00
Fedora Update for phpMyAdmin FEDORA-2011-17369
2012-04-02 00:00:00
freebsd
freebsd
phpMyAdmin -- Multiple XSS
2011-12-16 00:00:00
gentoo
gentoo
phpMyAdmin: Multiple vulnerabilities
2012-01-04 00:00:00