phpMyAdmin security announcements http://www.phpmyadmin.net/security/ phpMyAdmin security announcements en-us phpMyAdmin devel team 2010-09-02T13:22:03+00:00 http://www.phpmyadmin.net/home_page/security/PMASA-2010-6.php http://www.phpmyadmin.net/home_page/security/PMASA-2010-6.php PMASA-2010-6 2010-08-30T00:00:00+00:00 phpMyAdmin devel team phpMyAdmin security XSS attack using debugging messages.

Affected Versions

For 3.x: versions before 3.3.6 are affected.

CVE ID

CVE-2010-2958

]]> http://www.phpmyadmin.net/home_page/security/PMASA-2010-5.php http://www.phpmyadmin.net/home_page/security/PMASA-2010-5.php PMASA-2010-5 2010-08-20T00:00:00+00:00 phpMyAdmin devel team phpMyAdmin security Several XSS vulnerabilities were found in the code.

Affected Versions

For 2.11.x: versions before 2.11.10.1 are affected. For 3.x: versions before 3.3.5.1 are affected.

CVE ID

CVE-2010-3056

]]> http://www.phpmyadmin.net/home_page/security/PMASA-2010-4.php http://www.phpmyadmin.net/home_page/security/PMASA-2010-4.php PMASA-2010-4 2010-08-20T00:00:00+00:00 phpMyAdmin devel team phpMyAdmin security Insufficient output sanitizing when generating configuration file.

Affected Versions

For 2.11.x: versions before 2.11.10.1.

CVE ID

CVE-2010-3055

]]> http://www.phpmyadmin.net/home_page/security/PMASA-2010-3.php http://www.phpmyadmin.net/home_page/security/PMASA-2010-3.php PMASA-2010-3 2010-01-15T00:00:00+00:00 phpMyAdmin devel team phpMyAdmin security Unsafe usage of unserialize function.

Affected Versions

For 2.11.x: versions before 2.11.10 are affected.

CVE ID

CVE-2009-4605

]]> http://www.phpmyadmin.net/home_page/security/PMASA-2010-2.php http://www.phpmyadmin.net/home_page/security/PMASA-2010-2.php PMASA-2010-2 2010-01-15T00:00:00+00:00 phpMyAdmin devel team phpMyAdmin security Unsafe handling of temporary files

Affected Versions

For 2.11.x: versions before 2.11.10 are affected.

CVE ID

CVE-2008-7252

]]> http://www.phpmyadmin.net/home_page/security/PMASA-2010-1.php http://www.phpmyadmin.net/home_page/security/PMASA-2010-1.php PMASA-2010-1 2010-01-15T00:00:00+00:00 phpMyAdmin devel team phpMyAdmin security Unsafe handling of temporary directory

Affected Versions

For 2.11.x: versions before 2.11.10 are affected.

CVE ID

CVE-2008-7251

]]> http://www.phpmyadmin.net/home_page/security/PMASA-2009-6.php http://www.phpmyadmin.net/home_page/security/PMASA-2009-6.php PMASA-2009-6 2009-10-13T00:00:00+00:00 phpMyAdmin devel team phpMyAdmin security XSS and SQL injection vulnerabilities

Affected Versions

For 2.11.x: versions before 2.11.9.6 are affected. For 3.x: versions before 3.2.2.1 are affected.

CVE ID

CVE-2009-3696

CVE-2009-3697

]]> http://www.phpmyadmin.net/home_page/security/PMASA-2009-5.php http://www.phpmyadmin.net/home_page/security/PMASA-2009-5.php PMASA-2009-5 2009-06-30T00:00:00+00:00 phpMyAdmin devel team phpMyAdmin security XSS vulnerability

Affected Versions

For 2.11.x: versions are not affected. For 3.x: All 3.x releases on which the "bookmarks" feature is active are affected.

CVE ID

CVE-2009-2284

]]> http://www.phpmyadmin.net/home_page/security/PMASA-2009-4.php http://www.phpmyadmin.net/home_page/security/PMASA-2009-4.php PMASA-2009-4 2009-04-14T00:00:00+00:00 phpMyAdmin devel team phpMyAdmin security Insufficient output sanitizing when generating configuration file.

Affected Versions

For 2.11.x: versions are not affected. For 3.x: versions before 3.1.3.2.

CVE ID

CVE-2009-1285

]]> http://www.phpmyadmin.net/home_page/security/PMASA-2009-3.php http://www.phpmyadmin.net/home_page/security/PMASA-2009-3.php PMASA-2009-3 2009-03-24T00:00:00+00:00 phpMyAdmin devel team phpMyAdmin security Insufficient output sanitizing when generating configuration file.

Affected Versions

For 2.11.x: versions before 2.11.9.5. For 3.x: versions before 3.1.3.1.

CVE ID

CVE-2009-1151

]]>