ALT-PU-2022-4787-1
Package phpMyAdmin updated to version 5.1.3-alt1 for branch sisyphus_e2k.
Closed vulnerabilities
BDU:2022-01640
Уязвимость веб-интерфейса веб-приложения для администрирования cистем управления базами данных phpMyAdmin, позволяющая нарушителю получить доступ к конфиденциальной информации
Modified: 2024-11-21
CVE-2022-0813
PhpMyAdmin 5.1.1 and before allows an attacker to retrieve potentially sensitive information by creating invalid requests. This affects the lang parameter, the pma_parameter, and the cookie section.
- GLSA-202311-17
- GLSA-202311-17
- https://www.incibe-cert.es/en/early-warning/security-advisories/phpmyadmin-exposure-sensitive-information
- https://www.incibe-cert.es/en/early-warning/security-advisories/phpmyadmin-exposure-sensitive-information
- https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released/
- https://www.phpmyadmin.net/news/2022/2/11/phpmyadmin-4910-and-513-are-released/
Modified: 2024-11-21
CVE-2022-23807
An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 before 5.1.2. A valid user who is already authenticated to phpMyAdmin can manipulate their account to bypass two-factor authentication for future login instances.
Modified: 2024-11-21
CVE-2022-23808
An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.