Lucene search
GoogleOSV:DSA-2391-1HistoryJan 22, 2012 - 12:00 a.m.
phpmyadmin - several
2012-01-2200:00:00
Google
osv.dev
12
EPSS
0.09
Percentile
94.7%
Several vulnerabilities have been discovered in phpMyAdmin, a tool
to administer MySQL over the web. The Common Vulnerabilities and
Exposures project identifies the following problems:
- CVE-2011-4107
The XML import plugin allowed a remote attacker to read arbitrary
files via XML data containing external entity references. - CVE-2011-1940, CVE-2011-3181
Cross site scripting was possible in the table tracking feature,
allowing a remote attacker to inject arbitrary web script or HTML.
The oldstable distribution (lenny) is not affected by these problems.
For the stable distribution (squeeze), these problems have been fixed
in version 4:3.3.7-7.
For the testing distribution (wheezy) and unstable distribution (sid),
these problems have been fixed in version 4:3.4.7.1-1.
We recommend that you upgrade your phpmyadmin packages.
References
Related
debian
debian
[SECURITY] [DSA 2391-1] phpmyadmin security update
2012-01-22 13:00:02
openvas
openvas
Debian: Security Advisory (DSA-2391-1)
2012-02-11 00:00:00
Debian Security Advisory DSA 2391-1 (phpmyadmin)
2012-02-11 00:00:00
Fedora Update for phpMyAdmin FEDORA-2011-11477
2012-04-02 00:00:00
nessus
nessus
Debian DSA-2391-1 : phpmyadmin - several vulnerabilities
2012-01-23 00:00:00
phpMyAdmin 3.3.x / 3.4.x < 3.3.10.4 / 3.4.4 XSS (PMASA-2011-13
2011-08-29 00:00:00
Fedora 14 : phpMyAdmin-3.4.4-1.fc14 (2011-11594)
2011-09-14 00:00:00
cvelist
cvelist
nvd
nvd
phpmyadmin
phpmyadmin
XSS vulnerability on Tracking page.
2011-05-22 00:00:00
Multiple XSS in the Tracking feature.
2011-08-24 00:00:00
Local file inclusion.
2011-11-10 00:00:00
cve
cve
fedora
fedora
[SECURITY] Fedora 16 Update: phpMyAdmin-3.4.4-1.fc16
2011-09-13 06:12:49
[SECURITY] Fedora 15 Update: phpMyAdmin-3.4.4-1.fc15
2011-09-13 05:55:00
[SECURITY] Fedora 14 Update: phpMyAdmin-3.4.4-1.fc14
2011-09-13 05:53:08
ubuntucve
ubuntucve
freebsd
freebsd
phpMyAdmin -- multiple XSS vulnerabilities
2011-08-24 00:00:00
phpmyadmin -- Local file inclusion
2011-11-10 00:00:00
debiancve
debiancve
prion
prion
Cross site scripting
2012-01-26 15:55:00
Cross site scripting
2011-08-29 17:55:00
Xxe
2011-11-17 19:55:00
seebug
seebug
phpMyAdminθ·θΈͺεθ½ε€δΈͺθ·¨η«θζ¬ζΌζ΄
2011-08-26 00:00:00
phpMyAdmin 3.3.X and 3.4.X - Local File Inclusion via XXE Injection
2012-01-16 00:00:00
phpMyAdmin 3.3.x & 3.4.x - Local File Inclusion via XXE Injection
2014-07-01 00:00:00
exploitpack
exploitpack
github
github
phpMyAdmin vulnerable to XML external entity (XXE) injection attack
2022-05-17 01:52:29
osv
osv
phpMyAdmin vulnerable to XML external entity (XXE) injection attack
2022-05-17 01:52:29
phpMyAdmin-4.6.5.2-1.1 on GA media
2024-06-15 00:00:00
zdt
zdt
phpMyAdmin 3.3.X and 3.4.X - Local File Inclusion via XXE Injection
2012-01-14 00:00:00
packetstorm
packetstorm
phpMyAdmin 3.3.x / 3.4.x Local File Inclusion Via XXE Injection
2012-01-16 00:00:00
exploitdb
exploitdb
gentoo
gentoo
phpMyAdmin: Multiple vulnerabilities
2012-01-04 00:00:00