Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSDD79FC873-B5F9-11E0-89B4-001EC9578670
HistoryJul 23, 2011 - 12:00 a.m.

phpmyadmin -- multiple vulnerabilities

2011-07-2300:00:00
vuxml.freebsd.org
16

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.026

Percentile

90.4%

JSON

The phpMyAdmin development team reports:

XSS in table Print view.

Via a crafted MIME-type transformation parameter, an attacker can
perform a local file inclusion.

In the ‘relational schema’ code a parameter was not sanitized before
being used to concatenate a class name.
The end result is a local file inclusion vulnerability and code
execution.

It was possible to manipulate the PHP session superglobal using
some of the Swekey authentication code.
This is very similar to PMASA-2011-5, documented in
7e4e5c53-a56c-11e0-b180-00216aa06fc2

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchphpmyadmin< 3.4.3.2UNKNOWN

Related

nessus 5
openvas 15
fedora 2
ubuntucve 2
phpmyadmin 2
nvd 2
cvelist 2
debiancve 2
cve 2
prion 2
threatpost 1
securityvulns 2
osv 1
debian 1
gentoo 1
nessus
nessus
FreeBSD : phpmyadmin -- multiple vulnerabilities (d79fc873-b5f9-11e0-89b4-001ec9578670)
2011-07-26 00:00:00
Fedora 14 : phpMyAdmin-3.4.3.2-1.fc14 (2011-9725)
2011-08-05 00:00:00
Fedora 15 : phpMyAdmin-3.4.3.2-1.fc15 (2011-9734)
2011-08-05 00:00:00
openvas
openvas
FreeBSD Ports: phpMyAdmin
2011-08-07 00:00:00
FreeBSD Ports: phpMyAdmin
2011-08-07 00:00:00
Fedora Update for phpMyAdmin FEDORA-2011-9734
2011-08-12 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: phpMyAdmin-3.4.3.2-1.fc15
2011-08-05 03:52:20
[SECURITY] Fedora 14 Update: phpMyAdmin-3.4.3.2-1.fc14
2011-08-05 03:49:58
ubuntucve
ubuntucve
CVE-2011-2643
2011-08-01 00:00:00
CVE-2011-2642
2011-08-01 00:00:00
phpmyadmin
phpmyadmin
XSS in table Print view.
2011-07-23 00:00:00
Local file inclusion.
2011-07-23 00:00:00
nvd
nvd
CVE-2011-2643
2011-08-01 19:55:01
CVE-2011-2642
2011-08-01 19:55:01
cvelist
cvelist
CVE-2011-2643
2011-08-01 19:00:00
CVE-2011-2642
2011-08-01 19:00:00
debiancve
debiancve
CVE-2011-2643
2011-08-01 19:55:01
CVE-2011-2642
2011-08-01 19:55:01
cve
cve
CVE-2011-2642
2011-08-01 19:55:01
CVE-2011-2643
2011-08-01 19:55:01
prion
prion
Directory traversal
2011-08-01 19:55:00
Cross site scripting
2011-08-01 19:55:00
threatpost
threatpost
Attackers Reused Adobe Reader Exploit Code From 2009 In Extremely Targeted Hacks
2012-01-12 01:17:48
securityvulns
securityvulns
[SECURITY] [DSA 2286-1] phpmyadmin security update
2011-08-01 00:00:00
Web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2011-08-01 00:00:00
osv
osv
phpymadmin - several
2011-07-26 00:00:00
debian
debian
[SECURITY] [DSA 2286-1] phpmyadmin security update
2011-07-26 19:11:55
gentoo
gentoo
phpMyAdmin: Multiple vulnerabilities
2012-01-04 00:00:00

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

EPSS

0.026

Percentile

90.4%

JSON
Related for D79FC873-B5F9-11E0-89B4-001EC9578670
nessus5openvas15fedora2ubuntucve2phpmyadmin2nvd2cvelist2debiancve2cve2prion2threatpost1securityvulns2osv1debian1gentoo1