exploit the possibilities
Showing 1 - 4 of 4 RSS Feed

CVE-2008-5621

Status Candidate

Overview

Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.11.x before 2.11.9.4 and 3.x before 3.1.1.0 allows remote attackers to perform unauthorized actions as the administrator via a link or IMG tag to tbl_structure.php with a modified table parameter. NOTE: other unspecified pages are also reachable, but they have the same root cause. NOTE: this can be leveraged to conduct SQL injection attacks and execute arbitrary code.

Related Files

Gentoo Linux Security Advisory 200903-32
Posted Mar 19, 2009
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200903-32 - Multiple vulnerabilities have been discovered in phpMyAdmin, the worst of which may allow for remote code execution. Versions less than 2.11.9.4 are affected.

tags | advisory, remote, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2006-6942, CVE-2007-5977, CVE-2008-4096, CVE-2008-4775, CVE-2008-5621, CVE-2008-5622
MD5 | 533cd11f9c879284e77b5386d884d8bb
Mandriva Linux Security Advisory 2009-026
Posted Feb 26, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-026-1 - phpMyAdmin suffered from cross site scripting, cross site request forgery, and SQL injection vulnerabilities. This update provide the fix for these security issues. The previous update packages wasn't signed, this time they are.

tags | advisory, vulnerability, xss, sql injection, csrf
systems | linux, mandriva
advisories | CVE-2008-4775, CVE-2008-5621, CVE-2008-5622
MD5 | ab75954e4afc686a02a444db2fac6137
Debian Linux Security Advisory 1723-1
Posted Feb 12, 2009
Authored by Debian | Site debian.org

Debian Security Advisory 1723-1 - Michael Brooks discovered that phpMyAdmin, a tool to administrate MySQL over the web, performs insufficient input sanitizing allowing a user assisted remote attacker to execute code on the webserver.

tags | advisory, remote, web
systems | linux, debian
advisories | CVE-2008-5621
MD5 | 0f6cdf5dc384539ecd55ba26d1c2a9ac
Mandriva Linux Security Advisory 2009-026
Posted Jan 23, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-026 - phpMyAdmin has been updated to mitigate various cross site scripting and cross site request forgery vulnerabilities.

tags | advisory, vulnerability, xss, csrf
systems | linux, mandriva
advisories | CVE-2008-4775, CVE-2008-5621, CVE-2008-5622
MD5 | 9b139ba25b174440691a508e3f11cb1a
Page 1 of 1
Back1Next

File Archive:

August 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    10 Files
  • 2
    Aug 2nd
    8 Files
  • 3
    Aug 3rd
    2 Files
  • 4
    Aug 4th
    1 Files
  • 5
    Aug 5th
    15 Files
  • 6
    Aug 6th
    79 Files
  • 7
    Aug 7th
    16 Files
  • 8
    Aug 8th
    10 Files
  • 9
    Aug 9th
    10 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    6 Files
  • 12
    Aug 12th
    26 Files
  • 13
    Aug 13th
    15 Files
  • 14
    Aug 14th
    19 Files
  • 15
    Aug 15th
    52 Files
  • 16
    Aug 16th
    11 Files
  • 17
    Aug 17th
    1 Files
  • 18
    Aug 18th
    2 Files
  • 19
    Aug 19th
    18 Files
  • 20
    Aug 20th
    19 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close