Community Forums
Connect with us on LinkedIn
Security vulnerability: phpMyAdmin Cross-Site Scripting Vulnerabilities
  
+ Reply to Thread
Results 1 to 2 of 2
  1. 11-19-2004 07:14 AM #1
    iCARus
    iCARus is offline
    Member
    Join Date
    Apr 2003
    Posts
    114

    Exclamation Security vulnerability: phpMyAdmin Cross-Site Scripting Vulnerabilities

    Cedric Cochin has reported some vulnerabilities in phpMyAdmin, which
    can be exploited by malicious people to conduct cross-site scripting
    attacks.

    Input passed to the "zero_rows" and "sql_query" parameters in
    "read_dump.php" and the "PmaAbsoluteUri" parameter is not
    sufficiently sanitised before being returned to users. This can be
    exploited to execute arbitrary HTML or script code in a user's
    browser session in context of a vulnerable site.

    SOLUTION:
    Update to version 2.6.0-pl3.
    http://www.phpmyadmin.net/home_page/downloads.php
    Reply With Quote Reply With Quote
  2. 11-19-2004 09:51 AM #2
    chirpy
    chirpy is offline
    Super Moderator This forum account has been confirmed by cPanel staff to represent a vendor. chirpy's Avatar
    Join Date
    Jun 2002
    Location
    Go on, have a guess
    Posts
    13,495

    Default

    You should really report security issues to cPanel either via bugzilla or to billing@cpanel.net
    Jonathan Michaelson

    Need your cPanel servers secured and tuned?
    cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services
    Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf
    http://www.configserver.com
    Reply With Quote Reply With Quote
«   Cannot cd to dir /var/spool/exim_incoming/input/ | Can a huge amount of subdomains slow down apache ? »     
Similar Threads & Tags
Similar threads

  1. Cpanel cross site scripting vulnerability
    By driverC in forum cPanel and WHM Discussions
    Replies: 1
    Last Post: 08-13-2008, 01:04 PM
  2. CPanel Multiple Cross-Site Scripting Vulnerabilities BugTraq ID: 20683
    By dlennon in forum cPanel and WHM Discussions
    Replies: 4
    Last Post: 10-26-2006, 10:07 AM
  3. cPanel Multiple Cross-Site Scripting Vulnerabilities
    By leorevenda in forum cPanel and WHM Discussions
    Replies: 1
    Last Post: 08-22-2006, 10:17 AM
  4. cPanel User Parameter Cross-Site Scripting Vulnerability [old]
    By maaking in forum cPanel and WHM Discussions
    Replies: 2
    Last Post: 07-16-2005, 10:06 AM
  5. cPanel cpsrvd.pl Cross-Site Scripting Vulnerability
    By sr_gireesh in forum cPanel and WHM Discussions
    Replies: 1
    Last Post: 06-23-2005, 03:26 AM
Linkedin       Facebook       Twitter       RSS       Flickr       YouTube