Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

phpMyAdmin 3.3.x < / 3.4.x < Multiple Vulnerabilities



The remote web server contains a PHP application that is vulnerable to multiple attack vectors.


Versions of phpMyAdmin 3.3.x earlier than and 3.4.x earlier than are potentially affected by multiple vulnerabilities :

- A cross-site scripting vulnerability exists in the table Print view. (PMASA-2011-9)

- A local file inclusion vulnerability can be exploited via a specially crafted MIME-type transformation parameter. (PMASA-2011-10)

- In the 'relational schema' code a parameter is not sanitized before being used to concatenate a class name which could lead to a local file inclusion or code execution. (PMASA-2011-11)

- It is possible to manipulate the PHP superglobals (including SESSION) using some of the Swekey authentication code. (PMASA-2011-12)


Upgrade to phpMyAdmin,, or later.