NotCVE - vendor:"Phpmyadmin" product:"Phpmyadmin" version:" >= 4.5.0 <= 4.8.4"

Page 8 of 108 results (0.025 seconds)

CVSS: 5.9EPSS: 0%CPEs: 63EXPL: 0

CVE-2016-9860 – Gentoo Linux Security Advisory 201701-32

https://notcve.org/view.php?id=CVE-2016-9860

11 Dec 2016 — An issue was discovered in phpMyAdmin. An unauthenticated user can execute a denial of service attack when phpMyAdmin is running with $cfg['AllowArbitraryServer']=true. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected. Se descubrió un problema en phpMyAdmin. Un usuario no autenticado puede ejecutar un ataque de denegación de servicio cuando phpMyAdmin se ejecuta con $cfg['AllowArbitraryServer']=true. • http://www.securityfocus.com/bid/94525 • CWE-20: Improper Input Validation •

CVSS: 6.5EPSS: 0%CPEs: 60EXPL: 0

CVE-2016-6630 – Gentoo Linux Security Advisory 201701-32

https://notcve.org/view.php?id=CVE-2016-6630

11 Dec 2016 — An issue was discovered in phpMyAdmin. An authenticated user can trigger a denial-of-service (DoS) attack by entering a very long password at the change password dialog. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected. Se descubrió un problema en phpMyAdmin. Un usuario autenticado puede desencadenar un ataque de denegación de servicio (DoS) al introducir una contraseña muy larga en el cuadro de diálogo de cambio de contraseña. • http://www.securityfocus.com/bid/92501 • CWE-20: Improper Input Validation •

CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 0

CVE-2016-6617 – Gentoo Linux Security Advisory 201701-32

https://notcve.org/view.php?id=CVE-2016-6617

11 Dec 2016 — An issue was discovered in phpMyAdmin. A specially crafted database and/or table name can be used to trigger an SQL injection attack through the export functionality. All 4.6.x versions (prior to 4.6.4) are affected. Se descubrió un problema en phpMyAdmin. Un nombre de tabla y/o de base de datos especialmente manipulada puede ser utilizado para desencadenar un ataque de inyección SQL a través de la funcionalidad de exportación. • http://www.securityfocus.com/bid/95044 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 5.3EPSS: 0%CPEs: 60EXPL: 0

CVE-2016-6627 – Gentoo Linux Security Advisory 201701-32

https://notcve.org/view.php?id=CVE-2016-6627

11 Dec 2016 — An issue was discovered in phpMyAdmin. An attacker can determine the phpMyAdmin host location through the file url.php. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected. Se descubrió un problema en phpMyAdmin. Un atacante puede determinar la localización del host phpMyAdmin a través del archivo url.php. • http://www.securityfocus.com/bid/92494 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 6.1EPSS: 0%CPEs: 63EXPL: 0

CVE-2016-9857 – Gentoo Linux Security Advisory 201701-32

https://notcve.org/view.php?id=CVE-2016-9857

11 Dec 2016 — An issue was discovered in phpMyAdmin. XSS is possible because of a weakness in a regular expression used in some JavaScript processing. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected. Se descubrió un problema en phpMyAdmin. XSS es posible debido a una debilidad en una expresión regular utilizada en algún procesamiento JavaScript. • http://www.securityfocus.com/bid/94530 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.3EPSS: 0%CPEs: 63EXPL: 0

CVE-2016-9859 – Gentoo Linux Security Advisory 201701-32

https://notcve.org/view.php?id=CVE-2016-9859

11 Dec 2016 — An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to initiate a denial of service attack in import feature. All 4.6.x versions (prior to 4.6.5), 4.4.x versions (prior to 4.4.15.9), and 4.0.x versions (prior to 4.0.10.18) are affected. Se descubrió un problema en phpMyAdmin. Con un valor de parámetro de solicitud manipulado es posible iniciar un ataque de denegación de servicio en la funcionalidad de importación. • http://www.securityfocus.com/bid/94525 • CWE-20: Improper Input Validation •

CVSS: 5.9EPSS: 0%CPEs: 60EXPL: 0

CVE-2016-6632 – Gentoo Linux Security Advisory 201701-32

https://notcve.org/view.php?id=CVE-2016-6632

11 Dec 2016 — An issue was discovered in phpMyAdmin where, under certain conditions, phpMyAdmin may not delete temporary files during the import of ESRI files. All 4.6.x versions (prior to 4.6.4), 4.4.x versions (prior to 4.4.15.8), and 4.0.x versions (prior to 4.0.10.17) are affected. Se descubrió un problema en phpMyAdmin donde, bajo ciertas condiciones, phpMyAdmin no puede eliminar archivos temporales durante la importación de archivos ESRI. Todas las versiones 4.6.x (anteriores a 4.6.4), versiones 4.4.x (anteriores a... • http://www.securityfocus.com/bid/92497 • CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0

CVE-2016-9863 – Gentoo Linux Security Advisory 201701-32

https://notcve.org/view.php?id=CVE-2016-9863

11 Dec 2016 — An issue was discovered in phpMyAdmin. With a very large request to table partitioning function, it is possible to invoke a Denial of Service (DoS) attack. All 4.6.x versions (prior to 4.6.5) are affected. Se descubrió un problema en phpMyAdmin. Con una petición muy grande para la función de particionamiento de tabla, es posible invocar un ataque de denegación de servicio (DoS). • http://www.securityfocus.com/bid/94526 • CWE-20: Improper Input Validation •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2016-5098 – Gentoo Linux Security Advisory 201701-32

https://notcve.org/view.php?id=CVE-2016-5098

05 Jul 2016 — Directory traversal vulnerability in libraries/error_report.lib.php in phpMyAdmin before 4.6.2-prerelease allows remote attackers to determine the existence of arbitrary files by triggering an error. Vulnerabilidad de salto de directorio en libraries/error_report.lib.php en phpMyAdmin en versiones anteriores a 4.6.2-prerelease permite a atacantes remotos determinar la existencia de archivos arbitrarios desencadenando un error. Multiple vulnerabilities have been found in phpMyAdmin, the worst of which could ... • http://lists.opensuse.org/opensuse-updates/2016-06/msg00043.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 6.1EPSS: 0%CPEs: 30EXPL: 0

CVE-2016-5099 – Gentoo Linux Security Advisory 201701-32

https://notcve.org/view.php?id=CVE-2016-5099

05 Jul 2016 — Cross-site scripting (XSS) vulnerability in phpMyAdmin 4.4.x before 4.4.15.6 and 4.6.x before 4.6.2 allows remote attackers to inject arbitrary web script or HTML via special characters that are mishandled during double URL decoding. Vulnerabilidad de XSS en phpMyAdmin 4.4.x en versiones anteriores a 4.4.15.6 y 4.6.x en versiones anteriores a 4.6.2 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de caracteres especiales que no son manejados adecuadamente durante l... • http://lists.opensuse.org/opensuse-updates/2016-06/msg00043.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

1...6 7 8 9 10