Showing 1 - 4 of 4

CVE-2008-5621

Status Candidate

Overview

Cross-site request forgery (CSRF) vulnerability in phpMyAdmin 2.11.x before 2.11.9.4 and 3.x before 3.1.1.0 allows remote attackers to perform unauthorized actions as the administrator via a link or IMG tag to tbl_structure.php with a modified table parameter. NOTE: other unspecified pages are also reachable, but they have the same root cause. NOTE: this can be leveraged to conduct SQL injection attacks and execute arbitrary code.

Related Files

Gentoo Linux Security Advisory 200903-32: Posted Mar 19, 2009; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory GLSA 200903-32 - Multiple vulnerabilities have been discovered in phpMyAdmin, the worst of which may allow for remote code execution. Versions less than 2.11.9.4 are affected.; tags | advisory, remote, vulnerability, code execution; systems | linux, gentoo; advisories | CVE-2006-6942, CVE-2007-5977, CVE-2008-4096, CVE-2008-4775, CVE-2008-5621, CVE-2008-5622; SHA-256 | 84b576d5d56dcb25d0b1e8a4382cbe137d6660a1b4ff09053f94cae238c4e503; Download | Favorite | View

Mandriva Linux Security Advisory 2009-026: Posted Feb 26, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-026-1 - phpMyAdmin suffered from cross site scripting, cross site request forgery, and SQL injection vulnerabilities. This update provide the fix for these security issues. The previous update packages wasn't signed, this time they are.; tags | advisory, vulnerability, xss, sql injection, csrf; systems | linux, mandriva; advisories | CVE-2008-4775, CVE-2008-5621, CVE-2008-5622; SHA-256 | cb03b4a7f45f173639487a0d4ba5713cd6777f5c6fad1c3fcf62282aa78368ca; Download | Favorite | View

Debian Linux Security Advisory 1723-1: Posted Feb 12, 2009; Authored by Debian | Site debian.org; Debian Security Advisory 1723-1 - Michael Brooks discovered that phpMyAdmin, a tool to administrate MySQL over the web, performs insufficient input sanitizing allowing a user assisted remote attacker to execute code on the webserver.; tags | advisory, remote, web; systems | linux, debian; advisories | CVE-2008-5621; SHA-256 | 0ce8623c3eb2df117c5ee0aa0b3dbaa95f8eddf9d15ced49b7924312e3411fd2; Download | Favorite | View

Mandriva Linux Security Advisory 2009-026: Posted Jan 23, 2009; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2009-026 - phpMyAdmin has been updated to mitigate various cross site scripting and cross site request forgery vulnerabilities.; tags | advisory, vulnerability, xss, csrf; systems | linux, mandriva; advisories | CVE-2008-4775, CVE-2008-5621, CVE-2008-5622; SHA-256 | 8133881ab97608f592995b3f37b5dc7a0dce87a6f4a875a4915667794f46113e; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 194 files
Ubuntu 67 files
Debian 24 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
malvuln 4 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,011)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,194)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,473)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,437)
UNIX (9,390)
UnixWare (187)
Windows (6,649)
Other

CVE-2008-5621

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems