Phpmyadmin Phpmyadmin 2.10.1.0

This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Name	cpe:/a:phpmyadmin:phpmyadmin:2.10.1.0

Detail
Vendor	Phpmyadmin	First view	2007-04-25
Product	Phpmyadmin	Last view	2009-07-01
Version	2.10.1.0	Type	Application
Edition
Language
Update

CPE Product	cpe:/a:phpmyadmin:phpmyadmin

Activity : Yearly

Related : CVE

	Date	Alert	Access Vector	Access Complexity	Authentification
4.3	2009-07-01	CVE-2009-2284	Network	Medium	None Requ...
4.3	2008-09-30	CVE-2008-4326	Network	Medium	None Requ...
8.5	2008-09-18	CVE-2008-4096	Network	Medium	Requires ...
2.6	2008-08-04	CVE-2008-3457	Network	High	None Requ...
6.4	2008-08-04	CVE-2008-3456	Network	Low	None Requ...
Hide \| Show 4 More...

	Date	Alert	Access Vector	Access Complexity	Authentification
3.5	2008-07-16	CVE-2008-3197	Network	Medium	Requires ...
2.1	2008-03-31	CVE-2008-1567	Local	Low	None Requ...
2.6	2007-11-23	CVE-2007-6100	Network	High	None Requ...
6.8	2007-04-25	CVE-2007-2245	Network	Medium	None Requ...

CWE : Common Weakness Enumeration

%	id	Name
50% (4)	CWE-79	Failure to Preserve Web Page Structure ('Cross-site Scripting')
12% (1)	CWE-352	Cross-Site Request Forgery (CSRF)
12% (1)	CWE-200	Information Exposure
12% (1)	CWE-59	Improper Link Resolution Before File Access ('Link Following')
12% (1)	CWE-20	Improper Input Validation

CAPEC : Common Attack Pattern Enumeration & Classificatio

id	Name
CAPEC-31	Accessing/Intercepting/Modifying HTTP Cookies
CAPEC-37	Lifting Data Embedded in Client Distributions
CAPEC-65	Passively Sniff and Capture Application Code Bound for Authorized Client
CAPEC-117	Data Interception Attacks
CAPEC-155	Screen Temporary Files for Sensitive Information
Hide \| Show 7 More...

id	Name
CAPEC-157	Sniffing Attacks
CAPEC-167	Lifting Sensitive Data from the Client
CAPEC-204	Lifting cached, sensitive data embedded in client distributions (thick or thin)
CAPEC-205	Lifting credential(s)/key material embedded in client distributions (thick or...
CAPEC-258	Passively Sniffing and Capturing Application Code Bound for an Authorized Cli...
CAPEC-259	Passively Sniffing and Capturing Application Code Bound for an Authorized Cli...
CAPEC-260	Passively Sniffing and Capturing Application Code Bound for an Authorized Cli...

Open Source Vulnerability Database (OSVDB)

id	Description
55514	phpMyAdmin Crafted SQL Bookmark XSS
48480	phpMyAdmin libraries/js_escape.lib.php PMA_escapeJsString() Function MSIE Nul...
48154	phpMyAdmin server_databases.php sort_by Variable Arbitrary PHP Code Execution
47487	phpMyAdmin setup.php Configuration Manipulation Based XSS
47486	phpMyAdmin setup.php Cross-Frame Scripting
Hide \| Show 5 More...

id	Description
47322	phpMyAdmin index.php Multiple Parameter CSRF
47321	phpMyAdmin db_create.php db Parameter CSRF
43908	phpMyAdmin Session Data Credential / Secret Key Disclosure
38835	phpMyAdmin index.php convcharset Parameter XSS
35050	phpMyAdmin browse_foreigners.php fieldkey Parameter XSS

Copyright Security-Database 2006-2013 - Powered by themself ;) in 0.0794s

Facebook rss twitter linkedin mail