|
|
Subscribe / Log in / New account

phpmyadmin: multiple vulnerabilities

Package(s):phpmyadmin CVE #(s):CVE-2012-1190 CVE-2012-1902
Created:April 3, 2012 Updated:May 1, 2012
Description: From the Mandriva advisory:

It was possible to conduct XSS using a crafted database name (CVE-2012-1190).

The show_config_errors.php scripts did not validate the presence of the configuration file, so an error message shows the full path of this file, leading to possible further attacks (CVE-2012-1902).

Alerts:
Fedora FEDORA-2012-5631 phpMyAdmin 2012-05-01
Fedora FEDORA-2012-5624 phpMyAdmin 2012-05-01
openSUSE openSUSE-SU-2012:0494-1 phpMyAdmin 2012-04-12
Mandriva MDVSA-2012:050 phpmyadmin 2012-04-03
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds