Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

phpMyAdmin 4.0.x < / 4.2.x < / 4.3.x < / 4.4.x < Multiple Vulnerabilities (PMASA-2015-2, PMASA-2015-3)



The remote web server contains a PHP application that is affected by multiple vulnerabilities.


Versions of phpMyAdmin 4.0.x prior to, 4.2.x prior to, 4.3.x prior to, or 4.4.x prior to are unpatched for the following vulnerabilities :

- An attacker could trick a user with a crafted URL during installation to alter the configuration file being generated. (CVE-2015-3902) - A flaw exists in 'libraries/Config.class.php' due to an error in an API call to GitHub that allows a man-in-the-middle attacker to perform unauthorized actions. (CVE-2015-3903)


Upgrade to phpMyAdmin / / / or later, or apply the patches referenced in the vendor advisory.