FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  374986
Date:      2014-12-20
Time:      00:21:30Z
Committer: delphij

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
6b97436c-ce1e-11e2-9cb2-6805ca0b3d42phpMyAdmin -- XSS due to unescaped HTML output in Create View page

The phpMyAdmin development team reports:

When creating a view with a crafted name and an incorrect CREATE statement, it is possible to trigger an XSS.

This vulnerability can be triggered only by someone who logged in to phpMyAdmin, as the usual token protection prevents non-logged-in users from accessing the required form.


Discovery 2013-06-05
Entry 2013-06-05
phpMyAdmin
ge 4.0 lt 4.0.3

http://www.phpmyadmin.net/home_page/security/PMASA-2013-6.php
CVE-2013-3742
1b93f6fe-e1c1-11e2-948d-6805ca0b3d42phpMyAdmin -- Global variable scope injection

The phpMyAdmin development team reports:

The import.php script was vulnerable to GLOBALS variable injection. Therefore, an attacker could manipulate any configuration parameter.

This vulnerability can be triggered only by someone who logged in to phpMyAdmin, as the usual token protection prevents non-logged-in users from accessing the required form.


Discovery 2013-06-30
Entry 2013-06-30
phpMyAdmin
ge 4.0 lt 4.0.4.1

http://www.phpmyadmin.net/home_page/security/PMASA-2013-7.php
CVE-2013-4729