Lucene search
GoogleOSV:DSA-2139-1HistoryDec 31, 2010 - 12:00 a.m.
phpmyadmin - several
2010-12-3100:00:00
Google
osv.dev
12
EPSS
0.016
Percentile
87.5%
Several vulnerabilities have been discovered in phpMyAdmin, a tool
to administer MySQL over the web. The Common Vulnerabilities and Exposures
project identifies the following problems:
- CVE-2010-4329
Cross site scripting was possible in search, that allowed
a remote attacker to inject arbitrary web script or HTML. - CVE-2010-4480
Cross site scripting was possible in errors, that allowed
a remote attacker to inject arbitrary web script or HTML. - CVE-2010-4481
Display of PHPโs phpinfo() function was available to world, but only
if this functionality had been enabled (defaults to off). This may
leak some information about the host system.
For the stable distribution (lenny), these problems have been fixed in
version 2.11.8.1-5+lenny7.
For the testing (squeeze) and unstable distribution (sid), these problems
have been fixed in version 3.3.7-3.
We recommend that you upgrade your phpmyadmin package.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
References
Related
debian
debian
[SECURITY] [DSA 2139-1] New phpmyadmin packages fix several vulnerabilities
2010-12-31 15:57:29
nessus
nessus
Debian DSA-2139-1 : phpmyadmin - several vulnerabilities
2011-01-03 00:00:00
Fedora 15 : phpMyAdmin-3.3.10-1.fc15 (2011-3761)
2011-03-27 00:00:00
Fedora 13 : phpMyAdmin-3.3.10-1.fc13 (2011-3733)
2011-03-30 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2139-1)
2011-03-07 00:00:00
Debian Security Advisory DSA 2139-1 (phpmyadmin)
2011-03-07 00:00:00
Mandriva Update for phpmyadmin MDVSA-2011:000 (phpmyadmin)
2011-01-11 00:00:00
securityvulns
securityvulns
Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2011-01-03 00:00:00
[SECURITY] [DSA 2139-1] New phpmyadmin packages fix several vulnerabilities
2011-01-03 00:00:00
[ MDVSA-2010:244 ] phpmyadmin
2010-12-01 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: phpMyAdmin-3.3.10-1.fc15
2011-03-26 05:11:26
[SECURITY] Fedora 13 Update: phpMyAdmin-3.3.10-1.fc13
2011-03-29 19:53:51
[SECURITY] Fedora 14 Update: phpMyAdmin-3.3.10-1.fc14
2011-03-29 19:52:43
prion
prion
Cross site scripting
2010-12-08 16:00:00
Authentication flaw
2010-12-17 19:00:00
Cross site scripting
2010-12-02 16:22:00
phpmyadmin
phpmyadmin
Unvalidated input on error page.
2010-12-07 00:00:00
Possible information disclosure.
2010-12-07 00:00:00
XSS attack in database search.
2010-11-29 00:00:00
nvd
nvd
ubuntucve
ubuntucve
cvelist
cvelist
cve
cve
debiancve
debiancve
exploitdb
exploitdb
phpMyAdmin - Client-Side Code Injection / Redirect Link Falsification
2010-12-06 00:00:00
freebsd
freebsd
phpMyAdmin -- XSS attack in database search
2010-11-29 00:00:00
seebug
seebug
phpMyAdminๆฐๆฎๅบๆ็ดข่ทจ็ซ่ๆฌๆง่กๆผๆด
2010-12-09 00:00:00