Lucene search
DebianDEBIAN:E6B3DC88A76C7B2DC2E0A8C753CA0F6C:908ECHistoryJul 09, 2014 - 7:24 p.m.
phpmyadmin security update
2014-07-0919:24:50
lists.debian.org
16
0.043 Low
EPSS
Percentile
92.4%
Package : phpmyadmin
Version : 4:3.3.7-8
CVE ID : CVE-2013-3239 CVE-2013-4995 CVE-2013-4996 CVE-2013-5003
Several vulnerabilities have been discovered in phpMyAdmin, a tool to
administer MySQL over the web. The Common Vulnerabilities and Exposures
project identifies the following problems:
CVE-2013-3239
Authenticated users could execute arbitrary code, when a SaveDir
directory is configured and Apache HTTP Server has the mod_mime
module enabled, by employing double filename extensions.
CVE-2013-4995
Authenticatd users could inject arbitrary web script or HTML
via a crafted SQL query.
CVE-2013-4996
Cross site scripting was possible via a crafted logo URL in
the navigation panel or a crafted entry in the Trusted Proxy list.
CVE-2013-5003
Authenticated users could execute arbitrary SQL commands as
the phpMyAdmin 'control user' via the scale parameter of PMD PDF
export.
Related
openvas
openvas
Debian: Security Advisory (DLA-0014-1)
2023-03-08 00:00:00
Debian: Security Advisory (DSA-2975-1)
2014-07-08 00:00:00
Debian Security Advisory DSA 2975-1 (phpmyadmin - security update)
2014-07-09 00:00:00
osv
osv
phpmyadmin - security update
2014-07-09 00:00:00
phpmyadmin - security update
2014-07-09 00:00:00
phpMyAdmin Remote Code Execution
2022-05-17 04:58:08
debian
debian
phpmyadmin security update
2014-07-09 19:24:32
[SECURITY] [DSA 2975-1] phpmyadmin security update
2014-07-09 18:45:33
nessus
nessus
Debian DSA-2975-1 : phpmyadmin - security update
2014-07-10 00:00:00
Mandriva Linux Security Advisory : phpmyadmin (MDVSA-2013:203)
2013-07-31 00:00:00
securityvulns
securityvulns
[ MDVSA-2013:203 ] phpmyadmin
2013-09-09 00:00:00
[ MDVSA-2013:160 ] phpmyadmin
2013-05-06 00:00:00
[waraxe-2013-SA#103] - Multiple Vulnerabilities in phpMyAdmin
2013-05-06 00:00:00
mageia
mageia
Updated phpmyadmin packages fix security vulnerabilities
2013-07-29 18:06:10
nvd
nvd
gentoo
gentoo
phpMyAdmin: Multiple vulnerabilities
2013-11-04 00:00:00
prion
prion
Cross site scripting
2013-07-31 13:20:00
Cross site scripting
2013-07-31 13:20:00
Sql injection
2013-07-31 13:20:00
phpmyadmin
phpmyadmin
XSS due to unescaped HTML Output when executing a SQL query.
2013-07-28 00:00:00
If a crafted version.json would be presented, an XSS could be introduced.
2013-07-28 00:00:00
debiancve
debiancve
ubuntucve
ubuntucve
cvelist
cvelist
cve
cve
seebug
seebug
phpMyAdmin 'filename_template' θΏη¨δ»£η ζ§θ‘(CVE-2013-3239)
2013-04-28 00:00:00
phpMyAdmin 3.5.8 and 4.0.0-RC2 - Multiple Vulnerabilities
2014-07-01 00:00:00
github
github
phpMyAdmin Remote Code Execution
2022-05-17 04:58:08
fedora
fedora
[SECURITY] Fedora 19 Update: phpMyAdmin-3.5.8.1-1.fc19
2013-05-09 18:59:18
[SECURITY] Fedora 17 Update: phpMyAdmin-3.5.8.1-1.fc17
2013-05-09 09:58:00
[SECURITY] Fedora 18 Update: phpMyAdmin-3.5.8.1-1.fc18
2013-05-09 10:10:52
freebsd
freebsd
phpMyAdmin -- Multiple security vulnerabilities
2013-04-24 00:00:00
packetstorm
packetstorm
phpMyAdmin 3.5.8 / 4.0.0-RC2 Code Execution / LFI / Overwrite
2013-04-25 00:00:00
zdt
zdt
phpMyAdmin 3.5.8 and 4.0.0-RC2 - Multiple Vulnerabilities
2013-04-26 00:00:00
exploitpack
exploitpack
phpMyAdmin 3.5.84.0.0-RC2 - Multiple Vulnerabilities
2013-04-25 00:00:00
exploitdb
exploitdb
phpMyAdmin 3.5.8/4.0.0-RC2 - Multiple Vulnerabilities
2013-04-25 00:00:00