141 items tagged "phpmyadmin"
-
-
15:55
»
Packet Storm Security Exploits
WordPress portable-phpMyAdmin plugin version 1.3.0 fails to validate the existing session allowing a user to navigate directly to the interface.
-
-
17:00
»
SecuriTeam
phpMyAdmin is prone to multiple HTML-injection vulnerabilities.
-
-
17:00
»
SecuriTeam
phpMyAdmin is prone to a security-bypass vulnerability.
-
-
17:00
»
SecuriTeam
phpMyAdmin is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input.
-
17:00
»
SecuriTeam
phpMyAdmin is prone to a security-bypass vulnerability that affects bookmarks.
-
17:00
»
SecuriTeam
phpMyAdmin is prone to a remote PHP code-injection vulnerability.
-
17:00
»
SecuriTeam
phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.
-
-
17:35
»
Packet Storm Security Exploits
phpMyAdmin versions 3.3.x and 3.4.x suffer from a local file inclusion vulnerability via XXE injection. The attacker must be logged in to MySQL via phpMyAdmin.
-
-
7:49
»
Packet Storm Security Exploits
phpMyAdmin suffers from a remote arbitrary file reading vulnerability when using a simplexml_load_string function meant to read XML from user input.
-
-
7:35
»
Packet Storm Security Recent Files
This is a simple Perl script that enumerates various possible directories on a given website in order to determine whether or not a phpMyAdmin instance may be installed.
-
-
19:49
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2011-000 - error.php in phpMyAdmin 3.3.8.1 and earlier allows remote attackers to conduct cross-site scripting attacks via a crafted BBcode tag containing @ characters, as demonstrated using [a@url@page]. phpMyAdmin before 3.4.0-beta1 allows remote attackers to bypass authentication and obtain sensitive information via a direct request to phpinfo.php, which calls the phpinfo function. This upgrade provides the latest phpMyAdmin version for MES5 and patches the version for CS4 to address these vulnerabilities.
-
10:03
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-018 - libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors. libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 uses predictable filenames for temporary files, which has unknown impact and attack vectors. scripts/setup.php (aka the setup script) in phpMyAdmin 2.11.x before 2.11.10 calls the unserialize function on the values of the (1) configuration and (2) v[0] parameters, which might allow remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors. This update provides phpMyAdmin 2.11.10, which is not vulnerable to these issues.