exploit the possibilities
Showing 1 - 1 of 1 RSS Feed

Files

Mandriva Linux Security Advisory 2010-018
Posted Jan 20, 2010
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2010-018 - libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors. libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 uses predictable filenames for temporary files, which has unknown impact and attack vectors. scripts/setup.php (aka the setup script) in phpMyAdmin 2.11.x before 2.11.10 calls the unserialize function on the values of the (1) configuration and (2) v[0] parameters, which might allow remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors. This update provides phpMyAdmin 2.11.10, which is not vulnerable to these issues.

tags | advisory, remote, php, csrf
systems | linux, mandriva
advisories | CVE-2008-7251, CVE-2008-7252, CVE-2009-4605
MD5 | 536666fd7cbfdf7e9284fc94f424b54d
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
iPhone iOS 13 Lockscreen Bypass Flaw Exposes Contacts
Posted Sep 16, 2019

tags | headline, phone, data loss, flaw, apple
Instagram Fixed Flaw That Links Account Info To PII
Posted Sep 13, 2019

tags | headline, hacker, privacy, data loss, flaw, facebook
France To Block Facebook's Libra Cryptocurrency In Europe
Posted Sep 13, 2019

tags | headline, government, bank, fraud, france, facebook, social, cryptography
InnfiRAT Malware Lurks To Steal Cryptocurrency Wallet Data
Posted Sep 13, 2019

tags | headline, malware, cybercrime, fraud, cryptography
Infosec Duo Cuffed After Physically Breaking Into Courthouse During IT Security Assessment
Posted Sep 13, 2019

tags | headline, hacker, government
New Simjacker Attack Exploited In The Wild To Track Users For At Least Two Years
Posted Sep 12, 2019

tags | headline, hacker, privacy, phone
Major Fraud Scheme Exposed By Insecure Database
Posted Sep 12, 2019

tags | headline, database, cybercrime, fraud
UNICEF Leaks Personal Data Of 8,000 Users Via Email Blunder
Posted Sep 12, 2019

tags | headline, privacy, email, data loss
Fin7 Operator Pleads Guilty To Two Counts
Posted Sep 12, 2019

tags | headline, malware, cybercrime, fraud
Weakness In Intel Chips Lets Researchers Steal Encrypted SSH Keystrokes
Posted Sep 11, 2019

tags | headline, privacy, flaw, password, cryptography, intel
View More News →
packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close