This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Name cpe:/a:phpmyadmin:phpmyadmin:2.8.1
Detail
Vendor Phpmyadmin First view 2006-07-06
Product Phpmyadmin Last view 2009-07-01
Version 2.8.1 Type Application
Edition  
Language  
Update  
 
CPE Product cpe:/a:phpmyadmin:phpmyadmin

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
4.3 2009-07-01 CVE-2009-2284 Network Medium None Requ...
4.3 2008-09-30 CVE-2008-4326 Network Medium None Requ...
3.5 2008-07-16 CVE-2008-3197 Network Medium Requires ...
2.6 2007-11-23 CVE-2007-6100 Network High None Requ...
4.3 2007-03-10 CVE-2007-1395 Network Medium None Requ...
Hide | Show 5 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
6.8 2007-01-17 CVE-2007-0341 Network Medium None Requ...
4.3 2006-11-03 CVE-2006-5718 Network Medium None Requ...
5 2006-10-03 CVE-2006-5117 Network Low None Requ...
5.1 2006-10-03 CVE-2006-5116 Network High None Requ...
5.8 2006-07-06 CVE-2006-3388 Network Medium None Requ...

CWE : Common Weakness Enumeration

%idName
75% (3)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
25% (1)CWE-352Cross-Site Request Forgery (CSRF)

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:8223DSA-1675 phpmyadmin -- insufficient input sanitising
oval:org.mitre.oval:def:19750DSA-1675-1 phpmyadmin - cross site scripting

Open Source Vulnerability Database (OSVDB)

idDescription
58781phpMyAdmin Top-level URI convcharset Parameter javascript: URI XSS
55514phpMyAdmin Crafted SQL Bookmark XSS
48480phpMyAdmin libraries/js_escape.lib.php PMA_escapeJsString() Function MSIE Nul...
47322phpMyAdmin index.php Multiple Parameter CSRF
47321phpMyAdmin db_create.php db Parameter CSRF
Hide | Show 8 More...
idDescription
38835phpMyAdmin index.php convcharset Parameter XSS
35048phpMyAdmin XSS Protection String Blacklist Bypass
30171phpMyAdmin error.php UTF-7 / UT-ASCII XSS
30141phpMyAdmin url_generating.lib.php Multiple Method CSRF
30140phpMyAdmin session.inc.php Multiple Method CSRF
29241phpMyAdmin libraries/.htaccess Allow Rule Weakness
29240phpMyAdmin libraries/common.lib.php Multiple Method CSRF
26949phpMyAdmin table Parameter XSS

OpenVAS Exploits

idDescription
2009-08-17Name : Mandrake Security Advisory MDVSA-2009:192 (phpmyadmin)
File : nvt/mdksa_2009_192.nasl
2009-07-06Name : FreeBSD Ports: phpMyAdmin
File : nvt/freebsd_phpMyAdmin19.nasl
2009-07-06Name : Fedora Core 11 FEDORA-2009-7329 (phpMyAdmin)
File : nvt/fcore_2009_7329.nasl
2009-07-06Name : Fedora Core 9 FEDORA-2009-7337 (phpMyAdmin)
File : nvt/fcore_2009_7337.nasl
2009-07-06Name : Fedora Core 10 FEDORA-2009-7340 (phpMyAdmin)
File : nvt/fcore_2009_7340.nasl
Hide | Show 13 More...
idDescription
2009-07-03Name : phpMyAdmin SQL bookmark XSS Vulnerability
File : nvt/gb_phpmyadmin_sql_bookmark_xss_vuln.nasl
2009-02-17Name : Fedora Update for phpMyAdmin FEDORA-2008-6502
File : nvt/gb_fedora_2008_6502_phpMyAdmin_fc9.nasl
2009-02-02Name : SuSE Security Summary SUSE-SR:2009:003
File : nvt/suse_sr_2009_003.nasl
2008-12-03Name : Debian Security Advisory DSA 1675-1 (phpmyadmin)
File : nvt/deb_1675_1.nasl
2008-09-24Name : Debian Security Advisory DSA 1641-1 (phpmyadmin)
File : nvt/deb_1641_1.nasl
2008-09-24Name : FreeBSD Ports: phpMyAdmin
File : nvt/freebsd_phpMyAdmin15.nasl
2008-09-04Name : FreeBSD Ports: phpMyAdmin
File : nvt/freebsd_phpMyAdmin11.nasl
2008-09-04Name : FreeBSD Ports: phpmyadmin
File : nvt/freebsd_phpmyadmin10.nasl
2008-09-04Name : FreeBSD Ports: phpmyadmin
File : nvt/freebsd_phpmyadmin5.nasl
2008-01-17Name : Debian Security Advisory DSA 1370-1 (phpmyadmin)
File : nvt/deb_1370_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1370-2 (phpmyadmin)
File : nvt/deb_1370_2.nasl
2008-01-17Name : Debian Security Advisory DSA 1207-1 (phpmyadmin)
File : nvt/deb_1207_1.nasl
2008-01-17Name : Debian Security Advisory DSA 1207-2 (phpmyadmin)
File : nvt/deb_1207_2.nasl

Nessus® Vulnerability Scanner

idDescription
2009-07-21Name : The remote openSUSE host is missing a security update.
File : suse_11_0_phpMyAdmin-090119.nasl - Type : ACT_GATHER_INFO
2009-07-06Name : The remote Fedora host is missing a security update.
File : fedora_2009-7329.nasl - Type : ACT_GATHER_INFO
2009-07-06Name : The remote Fedora host is missing a security update.
File : fedora_2009-7337.nasl - Type : ACT_GATHER_INFO
2009-07-06Name : The remote Fedora host is missing a security update.
File : fedora_2009-7340.nasl - Type : ACT_GATHER_INFO
2009-07-01Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_ba73f49465a811deaef5001c2514716c.nasl - Type : ACT_GATHER_INFO
Hide | Show 14 More...
idDescription
2009-01-22Name : The remote openSUSE host is missing a security update.
File : suse_phpMyAdmin-5935.nasl - Type : ACT_GATHER_INFO
2008-12-03Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1675.nasl - Type : ACT_GATHER_INFO
2008-09-23Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1641.nasl - Type : ACT_GATHER_INFO
2008-07-18Name : The remote Fedora host is missing a security update.
File : fedora_2008-6450.nasl - Type : ACT_GATHER_INFO
2008-07-18Name : The remote Fedora host is missing a security update.
File : fedora_2008-6502.nasl - Type : ACT_GATHER_INFO
2008-03-13Name : The remote openSUSE host is missing a security update.
File : suse_phpMyAdmin-5083.nasl - Type : ACT_GATHER_INFO
2008-03-13Name : The remote openSUSE host is missing a security update.
File : suse_phpMyAdmin-5084.nasl - Type : ACT_GATHER_INFO
2007-11-26Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_15485ae8984811dc9e480016179b2dd5.nasl - Type : ACT_GATHER_INFO
2007-10-17Name : The remote openSUSE host is missing a security update.
File : suse_phpMyAdmin-2300.nasl - Type : ACT_GATHER_INFO
2007-09-14Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1370.nasl - Type : ACT_GATHER_INFO
2007-02-18Name : The remote host is missing a vendor-supplied security patch
File : suse_SA_2006_071.nasl - Type : ACT_GATHER_INFO
2006-11-20Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1207.nasl - Type : ACT_GATHER_INFO
2006-10-06Name : The remote web server contains a PHP application that suffers from multiple i...
File : phpmyadmin_291.nasl - Type : ACT_GATHER_INFO
2006-10-02Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_19b17ab451e011dba5ae00508d6a62df.nasl - Type : ACT_GATHER_INFO