This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Name cpe:/a:phpmyadmin:phpmyadmin:2.10.0.2
Detail
Vendor Phpmyadmin First view 2007-11-23
Product Phpmyadmin Last view 2009-07-01
Version 2.10.0.2 Type Application
Edition  
Language  
Update  
 
CPE Product cpe:/a:phpmyadmin:phpmyadmin

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
4.3 2009-07-01 CVE-2009-2284 Network Medium None Requ...
4.3 2008-09-30 CVE-2008-4326 Network Medium None Requ...
8.5 2008-09-18 CVE-2008-4096 Network Medium Requires ...
2.6 2008-08-04 CVE-2008-3457 Network High None Requ...
6.4 2008-08-04 CVE-2008-3456 Network Low None Requ...
Hide | Show 5 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
3.5 2008-07-16 CVE-2008-3197 Network Medium Requires ...
2.6 2008-07-02 CVE-2008-2960 Network High None Requ...
3.5 2008-04-23 CVE-2008-1924 Network Medium Requires ...
2.1 2008-03-31 CVE-2008-1567 Local Low None Requ...
2.6 2007-11-23 CVE-2007-6100 Network High None Requ...

CWE : Common Weakness Enumeration

%idName
50% (5)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
20% (2)CWE-200Information Exposure
10% (1)CWE-352Cross-Site Request Forgery (CSRF)
10% (1)CWE-59Improper Link Resolution Before File Access ('Link Following')
10% (1)CWE-20Improper Input Validation

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-31Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-37Lifting Data Embedded in Client Distributions
CAPEC-65Passively Sniff and Capture Application Code Bound for Authorized Client
CAPEC-117Data Interception Attacks
CAPEC-155Screen Temporary Files for Sensitive Information
Hide | Show 7 More...
idName
CAPEC-157Sniffing Attacks
CAPEC-167Lifting Sensitive Data from the Client
CAPEC-204Lifting cached, sensitive data embedded in client distributions (thick or thin)
CAPEC-205Lifting credential(s)/key material embedded in client distributions (thick or...
CAPEC-258Passively Sniffing and Capturing Application Code Bound for an Authorized Cli...
CAPEC-259Passively Sniffing and Capturing Application Code Bound for an Authorized Cli...
CAPEC-260Passively Sniffing and Capturing Application Code Bound for an Authorized Cli...

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:8041DSA-1557 phpmyadmin -- insufficient input sanitising
oval:org.mitre.oval:def:18667DSA-1557-1 phpmyadmin - several vulnerabilities
oval:org.mitre.oval:def:8155DSA-1641 phpmyadmin -- several vulnerabilities
oval:org.mitre.oval:def:8223DSA-1675 phpmyadmin -- insufficient input sanitising
oval:org.mitre.oval:def:19750DSA-1675-1 phpmyadmin - cross site scripting

Open Source Vulnerability Database (OSVDB)

idDescription
55514phpMyAdmin Crafted SQL Bookmark XSS
48480phpMyAdmin libraries/js_escape.lib.php PMA_escapeJsString() Function MSIE Nul...
48154phpMyAdmin server_databases.php sort_by Variable Arbitrary PHP Code Execution
47487phpMyAdmin setup.php Configuration Manipulation Based XSS
47486phpMyAdmin setup.php Cross-Frame Scripting
Hide | Show 6 More...
idDescription
47322phpMyAdmin index.php Multiple Parameter CSRF
47321phpMyAdmin db_create.php db Parameter CSRF
46511phpMyAdmin /libraries Multiple Scripts Unspecified XSS
44577phpMyAdmin Crafted HTTP Request UploadDir Parameter Arbitrary File Access
43908phpMyAdmin Session Data Credential / Secret Key Disclosure
38835phpMyAdmin index.php convcharset Parameter XSS

OpenVAS Exploits

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2009-08-17Name : Mandrake Security Advisory MDVSA-2009:192 (phpmyadmin)
File : nvt/mdksa_2009_192.nasl
2009-07-06Name : FreeBSD Ports: phpMyAdmin
File : nvt/freebsd_phpMyAdmin19.nasl
2009-07-06Name : Fedora Core 11 FEDORA-2009-7329 (phpMyAdmin)
File : nvt/fcore_2009_7329.nasl
2009-07-06Name : Fedora Core 9 FEDORA-2009-7337 (phpMyAdmin)
File : nvt/fcore_2009_7337.nasl
2009-07-06Name : Fedora Core 10 FEDORA-2009-7340 (phpMyAdmin)
File : nvt/fcore_2009_7340.nasl
Hide | Show 21 More...
idDescription
2009-07-03Name : phpMyAdmin SQL bookmark XSS Vulnerability
File : nvt/gb_phpmyadmin_sql_bookmark_xss_vuln.nasl
2009-03-20Name : Gentoo Security Advisory GLSA 200903-32 (phpmyadmin)
File : nvt/glsa_200903_32.nasl
2009-02-17Name : Fedora Update for phpMyAdmin FEDORA-2008-6502
File : nvt/gb_fedora_2008_6502_phpMyAdmin_fc9.nasl
2009-02-17Name : Fedora Update for phpMyAdmin FEDORA-2008-6868
File : nvt/gb_fedora_2008_6868_phpMyAdmin_fc9.nasl
2009-02-17Name : Fedora Update for phpMyAdmin FEDORA-2008-8335
File : nvt/gb_fedora_2008_8335_phpMyAdmin_fc9.nasl
2009-02-17Name : Fedora Update for phpMyAdmin FEDORA-2008-8370
File : nvt/gb_fedora_2008_8370_phpMyAdmin_fc9.nasl
2009-02-16Name : Fedora Update for phpMyAdmin FEDORA-2008-2825
File : nvt/gb_fedora_2008_2825_phpMyAdmin_fc8.nasl
2009-02-16Name : Fedora Update for phpMyAdmin FEDORA-2008-2874
File : nvt/gb_fedora_2008_2874_phpMyAdmin_fc7.nasl
2009-02-02Name : SuSE Security Summary SUSE-SR:2009:003
File : nvt/suse_sr_2009_003.nasl
2008-12-03Name : Debian Security Advisory DSA 1675-1 (phpmyadmin)
File : nvt/deb_1675_1.nasl
2008-10-03Name : phpMyAdmin 'server_databases.php' Remote Command Execution Vulnerability
File : nvt/secpod_phpmyadmin_remote_command_exe_vuln_900130.nasl
2008-09-24Name : Debian Security Advisory DSA 1641-1 (phpmyadmin)
File : nvt/deb_1641_1.nasl
2008-09-24Name : Gentoo Security Advisory GLSA 200805-02 (phpmyadmin)
File : nvt/glsa_200805_02.nasl
2008-09-24Name : FreeBSD Ports: phpMyAdmin
File : nvt/freebsd_phpMyAdmin15.nasl
2008-09-24Name : FreeBSD Ports: phpMyAdmin
File : nvt/freebsd_phpMyAdmin16.nasl
2008-09-04Name : FreeBSD Ports: phpmyadmin
File : nvt/freebsd_phpmyadmin10.nasl
2008-09-04Name : FreeBSD Ports: phpmyadmin
File : nvt/freebsd_phpmyadmin5.nasl
2008-09-04Name : FreeBSD Ports: phpmyadmin
File : nvt/freebsd_phpmyadmin7.nasl
2008-09-04Name : FreeBSD Ports: phpmyadmin
File : nvt/freebsd_phpmyadmin8.nasl
2008-09-04Name : FreeBSD Ports: phpmyadmin
File : nvt/freebsd_phpmyadmin9.nasl

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2009-07-21Name : The remote openSUSE host is missing a security update.
File : suse_11_0_phpMyAdmin-090119.nasl - Type : ACT_GATHER_INFO
2009-07-06Name : The remote Fedora host is missing a security update.
File : fedora_2009-7329.nasl - Type : ACT_GATHER_INFO
2009-07-06Name : The remote Fedora host is missing a security update.
File : fedora_2009-7337.nasl - Type : ACT_GATHER_INFO
2009-07-06Name : The remote Fedora host is missing a security update.
File : fedora_2009-7340.nasl - Type : ACT_GATHER_INFO
2009-07-01Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_ba73f49465a811deaef5001c2514716c.nasl - Type : ACT_GATHER_INFO
Hide | Show 20 More...
idDescription
2009-03-19Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200903-32.nasl - Type : ACT_GATHER_INFO
2009-01-22Name : The remote openSUSE host is missing a security update.
File : suse_phpMyAdmin-5935.nasl - Type : ACT_GATHER_INFO
2008-12-03Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1675.nasl - Type : ACT_GATHER_INFO
2008-11-18Name : The remote openSUSE host is missing a security update.
File : suse_phpMyAdmin-5781.nasl - Type : ACT_GATHER_INFO
2008-09-25Name : The remote Fedora host is missing a security update.
File : fedora_2008-8269.nasl - Type : ACT_GATHER_INFO
2008-09-25Name : The remote Fedora host is missing a security update.
File : fedora_2008-8286.nasl - Type : ACT_GATHER_INFO
2008-09-25Name : The remote Fedora host is missing a security update.
File : fedora_2008-8335.nasl - Type : ACT_GATHER_INFO
2008-09-25Name : The remote Fedora host is missing a security update.
File : fedora_2008-8370.nasl - Type : ACT_GATHER_INFO
2008-09-23Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1641.nasl - Type : ACT_GATHER_INFO
2008-09-17Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_74bf1594849311ddbb640030843d3802.nasl - Type : ACT_GATHER_INFO
2008-07-31Name : The remote Fedora host is missing a security update.
File : fedora_2008-6810.nasl - Type : ACT_GATHER_INFO
2008-07-31Name : The remote Fedora host is missing a security update.
File : fedora_2008-6868.nasl - Type : ACT_GATHER_INFO
2008-07-18Name : The remote Fedora host is missing a security update.
File : fedora_2008-6450.nasl - Type : ACT_GATHER_INFO
2008-07-18Name : The remote Fedora host is missing a security update.
File : fedora_2008-6502.nasl - Type : ACT_GATHER_INFO
2008-07-02Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_e285a1f4456811ddae960030843d3802.nasl - Type : ACT_GATHER_INFO
2008-05-09Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200805-02.nasl - Type : ACT_GATHER_INFO
2008-04-28Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_6eb1dc51124411ddbab70016179b2dd5.nasl - Type : ACT_GATHER_INFO
2008-04-28Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1557.nasl - Type : ACT_GATHER_INFO
2008-04-28Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_fe971a0f124611ddbab70016179b2dd5.nasl - Type : ACT_GATHER_INFO
2008-04-04Name : The remote Fedora host is missing a security update.
File : fedora_2008-2825.nasl - Type : ACT_GATHER_INFO