Download
| Alert*
oval:org.secpod.oval:def:1800040
CVE-2017-1000499: By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc. Affected Versions:¶ Versions 4.7.x are affected. oval:org.secpod.oval:def:1801276 CVE-2018-19968: Local file inclusion through transformation feature.¶ A flaw has been found where an attacker can exploit phpMyAdmin to leak the contents of a local file. The attacker must have access to the phpMyAdmin Configuration Storage tables, although these can easily be created in any da ... oval:org.secpod.oval:def:1801157 A Cross-Site Scripting vulnerability was found in the file import feature, where an attacker can deliver a payload to a user through importing a specially-crafted file. Affected Versions:¶ phpMyAdmin versions prior to 4.8.3 oval:org.secpod.oval:def:1801066 CVE-2018-12581: XSS in Designer feature¶ A Cross-Site Scripting vulnerability was found in the Designer feature, where an attacker can deliver a payload to a user through a specially-crafted database name. Affected Versions:¶ phpMyAdmin versions prior to 4.8.2. oval:org.secpod.oval:def:107286 phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface , while you still have the ability to directly execute any SQL statement. Features include an intuitive web interface, suppo ... oval:org.secpod.oval:def:107288 phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface , while you still have the ability to directly execute any SQL statement. Features include an intuitive web interface, suppo ... oval:org.secpod.oval:def:601714 Several vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-4995 Authenticatd users could inject arbitrary web script or HTML via a crafted SQL query. CVE-2013-4996 C ... oval:org.secpod.oval:def:2000159 In phpMyAdmin before 4.8.4, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted database/table name. oval:org.secpod.oval:def:2000474 Cross-site scripting vulnerability in db_central_columns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. oval:org.secpod.oval:def:1901350 Cross-site scripting vulnerability in db_central_columns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. oval:org.secpod.oval:def:114069 A validating SQL lexer and parser with a focus on MySQL dialect. This library was originally developed for phpMyAdmin during the Google Summer of Code 2015. Autoloader: /usr/share/php/PhpMyAdmin/SqlParser/autoload.php oval:org.secpod.oval:def:114044 A validating SQL lexer and parser with a focus on MySQL dialect. This library was originally developed for phpMyAdmin during the Google Summer of Code 2015. Autoloader: /usr/share/php/PhpMyAdmin/SqlParser/autoload.php oval:org.secpod.oval:def:114040 phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface , while you still have the ability to directly execute any SQL statement. Features include an intuitive web interface, suppo ... oval:org.secpod.oval:def:114041 Translation API for PHP using Gettext MO files. Features * All strings are stored in memory for fast lookup * Fast loading of MO files * Low level API for reading MO files * Emulation of Gettext API * No use of eval for plural equation Limitations * Not suitable for huge MO files which you don't ... oval:org.secpod.oval:def:114072 Translation API for PHP using Gettext MO files. Features * All strings are stored in memory for fast lookup * Fast loading of MO files * Low level API for reading MO files * Emulation of Gettext API * No use of eval for plural equation Limitations * Not suitable for huge MO files which you don't ... oval:org.secpod.oval:def:114071 phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface , while you still have the ability to directly execute any SQL statement. Features include an intuitive web interface, suppo ... oval:org.secpod.oval:def:115046 phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface , while you still have the ability to directly execute any SQL statement. Features include an intuitive web interface, suppo ... oval:org.secpod.oval:def:600201 It was discovered that phpMyAdmin, a a tool to administer MySQL over the web, when the bookmarks feature is enabled, allowed to create a bookmarked query which would be executed unintentionally by other users. oval:org.secpod.oval:def:114736 phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface , while you still have the ability to directly execute any SQL statement. Features include an intuitive web interface, suppo ... |