ALT-BU-2019-3728-1
Branch sisyphus update bulletin.
Package phpMyAdmin updated to version 4.9.0.1-alt1 for branch sisyphus in task 231932.
Closed vulnerabilities
BDU:2020-03949
Уязвимость функции конструктора (designer/move.js file) веб-приложения для администрирования систем управления базами данных phpMyAdmin, позволяющая нарушителю выполнить произвольный код
Modified: 2024-11-21
CVE-2019-11768
An issue was discovered in phpMyAdmin before 4.9.0.1. A vulnerability was reported where a specially crafted database name can be used to trigger an SQL injection attack through the designer feature.
Modified: 2024-11-21
CVE-2019-12616
An issue was discovered in phpMyAdmin before 4.9.0. A vulnerability was found that allows an attacker to trigger a CSRF attack against a phpMyAdmin user. The attacker can trick the user, for instance through a broken tag pointing at the victim's phpMyAdmin database, and the attacker can potentially deliver a payload (such as a specific INSERT or DELETE statement) to the victim.
- openSUSE-SU-2019:1689
- openSUSE-SU-2019:1689
- openSUSE-SU-2019:1861
- openSUSE-SU-2019:1861
- http://packetstormsecurity.com/files/153251/phpMyAdmin-4.8-Cross-Site-Request-Forgery.html
- http://packetstormsecurity.com/files/153251/phpMyAdmin-4.8-Cross-Site-Request-Forgery.html
- 108619
- 108619
- [debian-lts-announce] 20190617 [SECURITY] [DLA 1821-1] phpmyadmin security update
- [debian-lts-announce] 20190617 [SECURITY] [DLA 1821-1] phpmyadmin security update
- FEDORA-2019-13d2ba0aed
- FEDORA-2019-13d2ba0aed
- FEDORA-2019-33649e2e64
- FEDORA-2019-33649e2e64
- https://www.phpmyadmin.net/security/
- https://www.phpmyadmin.net/security/
- https://www.phpmyadmin.net/security/PMASA-2019-4/
- https://www.phpmyadmin.net/security/PMASA-2019-4/
Closed vulnerabilities
Modified: 2024-11-21
CVE-2013-7469
Seafile through 6.2.11 always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks.