Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-2034-1
HistoryApr 17, 2010 - 12:00 a.m.

phpmyadmin - several vulnerabilities

2010-04-1700:00:00
Google
osv.dev
10

EPSS

0.01

Percentile

83.7%

JSON

Several vulnerabilities have been discovered in phpMyAdmin, a tool
to administer MySQL over the web. The Common Vulnerabilities and Exposures
project identifies the following problems:

  • CVE-2008-7251
    phpMyAdmin may create a temporary directory, if the configured directory
    does not exist yet, with insecure filesystem permissions.
  • CVE-2008-7252
    phpMyAdmin uses predictable filenames for temporary files, which may
    lead to a local denial of service attack or privilege escalation.
  • CVE-2009-4605
    The setup.php script shipped with phpMyAdmin may unserialize untrusted
    data, allowing for cross site request forgery.

For the stable distribution (lenny), these problems have been fixed in version
phpmyadmin 2.11.8.1-5+lenny4.

For the unstable distribution (sid), these problems have been fixed in
version 3.2.4-1.

We recommend that you upgrade your phpmyadmin package.

Related

debian 1
openvas 6
nessus 5
seebug 2
ubuntucve 3
phpmyadmin 3
prion 3
cvelist 3
debiancve 3
github 1
cve 3
nvd 3
osv 1
gentoo 1
debian
debian
[SECURITY] [DSA 2034-1] New phpmyadmin packages fix several vulnerabilities
2010-04-17 12:35:52
openvas
openvas
Debian: Security Advisory (DSA-2034-1)
2010-05-04 00:00:00
Debian Security Advisory DSA 2034-1 (phpmyadmin)
2010-05-04 00:00:00
phpMyAdmin Insecure Temporary File and Directory Creation Vulnerabilities
2010-01-18 00:00:00
nessus
nessus
openSUSE Security Update : phpMyAdmin (phpMyAdmin-1801)
2010-01-18 00:00:00
Debian DSA-2034-1 : phpmyadmin - several vulnerabilities
2010-04-19 00:00:00
phpMyAdmin setup.php unserialize() Arbitrary PHP Code Execution (PMASA-2010-3)
2010-01-27 00:00:00
seebug
seebug
phpMyAdmin创建不安全文件和目录漏洞
2010-01-19 00:00:00
phpMyAdmin unserialize()调用跨站请求伪造漏洞
2010-01-21 00:00:00
ubuntucve
ubuntucve
CVE-2008-7251
2010-01-19 00:00:00
CVE-2008-7252
2010-01-19 00:00:00
CVE-2009-4605
2010-01-19 00:00:00
phpmyadmin
phpmyadmin
Unsafe handling of temporary directory
2010-01-15 00:00:00
Unsafe handling of temporary files
2010-01-15 00:00:00
Unsafe usage of unserialize function.
2010-01-15 00:00:00
prion
prion
Design/Logic Flaw
2010-01-19 16:30:00
Code injection
2010-01-19 16:30:00
Cross site request forgery (csrf)
2010-01-19 16:30:00
cvelist
cvelist
CVE-2008-7252
2010-01-19 16:00:00
CVE-2008-7251
2010-01-19 16:00:00
CVE-2009-4605
2010-01-19 16:00:00
debiancve
debiancve
CVE-2008-7252
2010-01-19 16:30:00
CVE-2008-7251
2010-01-19 16:30:00
CVE-2009-4605
2010-01-19 16:30:00
github
github
phpMyAdmin unsafely handles temporary files
2022-05-17 05:44:03
cve
cve
CVE-2008-7252
2010-01-19 16:30:00
CVE-2008-7251
2010-01-19 16:30:00
CVE-2009-4605
2010-01-19 16:30:00
nvd
nvd
CVE-2008-7252
2010-01-19 16:30:00
CVE-2008-7251
2010-01-19 16:30:00
CVE-2009-4605
2010-01-19 16:30:00
osv
osv
phpMyAdmin unsafely handles temporary files
2022-05-17 05:44:03
gentoo
gentoo
phpMyAdmin: Multiple vulnerabilities
2012-01-04 00:00:00

EPSS

0.01

Percentile

83.7%

JSON
Related for OSV:DSA-2034-1
debian1openvas6nessus5seebug2ubuntucve3phpmyadmin3prion3cvelist3debiancve3github1cve3nvd3osv1gentoo1