[go: up one dir, main page]
|
|
Log in / Subscribe / Register

phpmyadmin: multiple vulnerabilities

Package(s):phpmyadmin CVE #(s):CVE-2013-4995 CVE-2013-4996 CVE-2013-4998 CVE-2013-5000 CVE-2013-5002 CVE-2013-5003
Created:July 30, 2013 Updated:July 30, 2014
Description: From the Mandriva advisory:

* XSS due to unescaped HTML Output when executing a SQL query (CVE-2013-4995).

* 5 XSS vulnerabilities in setup, chart display, process list, and logo link. If a crafted version.json would be presented, an XSS could be introduced (CVE-2013-4996).

* Full path disclosure vulnerabilities (CVE-2013-4998, CVE-2013-5000).

* Self-XSS due to unescaped HTML output in schema export (CVE-2013-5002).

* SQL injection vulnerabilities, producing a privilege escalation (control user) (CVE-2013-5003).

Alerts:
Fedora FEDORA-2014-8577 phpMyAdmin 2014-07-30
Fedora FEDORA-2014-8581 phpMyAdmin 2014-07-30
Debian DSA-2975-1 phpmyadmin 2014-07-09
Gentoo 201311-02 phpmyadmin 2013-11-04
Fedora FEDORA-2013-18794 phpMyAdmin 2013-11-15
Fedora FEDORA-2013-18802 phpMyAdmin 2013-11-15
Mageia MGASA-2013-0238 phpmyadmin 2013-07-29
Mandriva MDVSA-2013:203 phpmyadmin 2013-07-30
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds