Sign In

Предупреждения


phpMyAdmin Releases Security Updates – 13.12.2018


phpMyAdmin has release version 4.8.4 and multiple patches to addresses XSS, XSRF/CSRF vulnerabilities, and  local file inclusion through transformation feature vulnerabilities. An attacker could exploit thеsе vulnerabilities to  deliver a payload to a user through a specially-crafted database/table name, ,to perform harmful SQL operations such as renaming databases, creating new tables/routines, deleting designer pages, adding/deleting users, updating user passwords, killing SQL processes, etc., or to leak the contents of a local file.

Affected Versions
·        phpMyAdmin versions from at least 4.0 through 4.8.3 - XSS  and local file inclusion through transformation feature vulnerabilities;
·        phpMyAdmin versions 4.7.0 through 4.7.6 and 4.8.0 through 4.8.3 - XSRF/CSRF vulnerabilities.
CERT Bulgaria encourages users and administrators to review the phpMyAdmin Announcements PMASA-2018-6, PMASA-2018-7, and PMASA-2018-8  and upgrade to phpMyAdmin 4.8.4 or newer or apply recommended patches.

https://www.phpmyadmin.net/security/PMASA-2018-6/
https://www.phpmyadmin.net/security/PMASA-2018-7/
https://www.phpmyadmin.net/security/PMASA-2018-8/

13/12/2018

NEW VIRUSES RSS
VULNERABILITIES RSS