Entries Related to ‘phpmyadmin’

Showing Security Notifications Only
Phpmyadmin 2.11.9.6 and prior [Medium]
By Security Team on Tuesday, January 19th, 2010 in Security Notifications

scripts/setup.php (aka the setup script) in phpMyAdmin 2.11.x before 2.11.10 calls the unserialize function on the values of the (1) configuration and (2) v[0] parameters, which might allow remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors….

CVE Identifier: CVE-2009-4605
Vulnerability Type(s):
Severity: Medium

Read More »
Related Software Packages:
Phpmyadmin 2.11.6rc1 and prior [High]
By Security Team on Tuesday, January 19th, 2010 in Security Notifications

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors….

CVE Identifier: CVE-2008-7251
Vulnerability Type(s):
Severity: High

Read More »
Related Software Packages:
Phpmyadmin 2.11.6rc1 and prior [High]
By Security Team on Tuesday, January 19th, 2010 in Security Notifications

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 uses predictable filenames for temporary files, which has unknown impact and attack vectors….

CVE Identifier: CVE-2008-7252
Vulnerability Type(s):
Severity: High

Read More »
Related Software Packages:
Get open source software support
Phpmyadmin 2.11.6rc1 and prior [High]
By Security Team on Tuesday, January 19th, 2010 in Security Notifications

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors….

CVE Identifier: CVE-2008-7251
Vulnerability Type(s):
Severity: High

Read More »
Related Software Packages:
Phpmyadmin 2.11.6rc1 and prior [High]
By Security Team on Tuesday, January 19th, 2010 in Security Notifications

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 uses predictable filenames for temporary files, which has unknown impact and attack vectors….

CVE Identifier: CVE-2008-7252
Vulnerability Type(s):
Severity: High

Read More »
Related Software Packages:
Phpmyadmin 3.2.2 and prior [Medium]
By Security Team on Friday, October 16th, 2009 in Security Notifications

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table….

CVE Identifier: CVE-2009-3696
Vulnerability Type(s):
Severity: Medium

Read More »
Related Software Packages:

Open Source Help & Resources

Get a demo of OpenLogic Exchange (OLEX), a SaaS solution for enterprise open source governance »Get support for open source software with commercial-grade SLAs »Register for a demo of the OSS Deep Discovery source code scanning tool »
Phpmyadmin 3.2.2 and prior [High]
By Security Team on Friday, October 16th, 2009 in Security Notifications

SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified interface parameters….

CVE Identifier: CVE-2009-3697
Vulnerability Type(s):
Severity: High

Read More »
Related Software Packages:
Phpmyadmin 3.2.2 and prior [Medium]
By Security Team on Friday, October 16th, 2009 in Security Notifications

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table….

CVE Identifier: CVE-2009-3696
Vulnerability Type(s):
Severity: Medium

Read More »
Related Software Packages:
Phpmyadmin 3.2.2 and prior [High]
By Security Team on Friday, October 16th, 2009 in Security Notifications

SQL injection vulnerability in the PDF schema generator functionality in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to execute arbitrary SQL commands via unspecified interface parameters….

CVE Identifier: CVE-2009-3697
Vulnerability Type(s):
Severity: High

Read More »
Related Software Packages:
Phpmyadmin 3.2.2 and prior [Medium]
By Security Team on Friday, October 16th, 2009 in Security Notifications

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table….

CVE Identifier: CVE-2009-3696
Vulnerability Type(s):
Severity: Medium

Read More »
Related Software Packages:

Next Page »
© 2010 OpenLogic, Inc. | Licensing | Privacy Policy | Terms of Use