SB2014122601 - Multiple vulnerabilities in phpMyAdmin
Published: December 26, 2014 Updated: August 9, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Cross-site scripting (CVE-ID: CVE-2011-3592)
The vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data when processing data passed via a (1) database name, (2) table name, or (3) column name that is not properly handled after an inline-editing operation. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
2) Cross-site scripting (CVE-ID: CVE-2011-3591)
The vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data when processing data passed via a crafted row that triggers an improperly constructed confirmation message after inline-editing and save operations, related to (1) js/functions.js and (2) js/tbl_structure.js. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
Remediation
Cybersecurity Help is not aware of any official remediation provided by the vendor.
References
- http://www.openwall.com/lists/oss-security/2011/09/30/8
- http://www.phpmyadmin.net/home_page/security/PMASA-2011-14.php
- https://bugzilla.redhat.com/show_bug.cgi?id=738681
- https://github.com/phpmyadmin/phpmyadmin/commit/2f28ce9c800274190418da0945ce3647d36e1db6
- https://github.com/phpmyadmin/phpmyadmin/commit/bda213c58aec44925be661acb0e76c19483ea170