- Home
- CVEs with nessus.description==Several remote vulnerabilities have been discovered in phpMyAdmin, a
tool to administer MySQL over the web. The Common Vulnerabilities and
Exposures project identifies the following problems :
- CVE-2009-1150
Cross site scripting vulnerability in the export page
allow for an attacker that can place crafted cookies
with the user to inject arbitrary web script or HTML.
- CVE-2009-1151
Static code injection allows for a remote attacker to
inject arbitrary code into phpMyAdmin via the setup.php
script. This script is in Debian under normal
circumstances protected via Apache authentication.
However, because of a recent worm based on this exploit,
we are patching it regardless, to also protect
installations that somehow still expose the setup.php
script.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top