FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  365592
Date:      2014-08-21
Time:      19:46:21Z
Committer: zi

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
17326fd5-fcfb-11e2-9bb9-6805ca0b3d42phpMyAdmin -- clickJacking protection can be bypassed

The phpMyAdmin development team reports:

phpMyAdmin has a number of mechanisms to avoid a clickjacking attack, however these mechanisms either work only in modern browser versions, or can be bypassed.

"We have no solution for 3.5.x, due to the proposed solution requiring JavaScript. We don't want to introduce a dependency to JavaScript in the 3.5.x family."


Discovery 2013-08-04
Entry 2013-08-04
phpMyAdmin
lt 4.0.5

http://www.phpmyadmin.net/home_page/security/PMASA-2013-10.php
0871d18b-9638-11e3-a371-6805ca0b3d42phpMyAdmin -- Self-XSS due to unescaped HTML output in import.

The phpMyAdmin development team reports:

When importing a file with crafted filename, it is possible to trigger an XSS. We consider this vulnerability to be non critical.


Discovery 2014-02-15
Entry 2014-02-15
phpMyAdmin
ge 3.3.1 lt 4.1.7

http://www.phpmyadmin.net/home_page/security/PMASA-2014-1.php
CVE-2014-1879