[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

MDVSA-2013:203 -- Mandriva phpmyadmin

ID: oval:org.secpod.oval:def:1300216Date: (C)2013-10-08   (M)2022-10-10
Class: PATCHFamily: unix




Multiple vulnerabilities has been discovered and corrected in phpmyadmin: * XSS due to unescaped HTML Output when executing a SQL query . * 5 XSS vulnerabilities in setup, chart display, process list, and logo link. If a crafted version.json would be presented, an XSS could be introduced . * Full path disclosure vulnerabilities . * Self-XSS due to unescaped HTML output in schema export . * SQL injection vulnerabilities, producing a privilege escalation . This upgrade provides the latest phpmyadmin version to address these vulnerabilities.

Platform:
Mandriva Enterprise Server 5.2
Product:
phpmyadmin
Reference:
MDVSA-2013:203
CVE-2013-4995
CVE-2013-4996
CVE-2013-4997
CVE-2013-4998
CVE-2013-5000
CVE-2013-5002
CVE-2013-5003
CVE    7
CVE-2013-4998
CVE-2013-4996
CVE-2013-4997
CVE-2013-4995
...
CPE    1
cpe:/o:mandriva:enterprise_server:5.2

© SecPod Technologies