FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  363221
Date:      2014-07-28
Time:      18:38:13Z
Committer: cs

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
6b97436c-ce1e-11e2-9cb2-6805ca0b3d42phpMyAdmin -- XSS due to unescaped HTML output in Create View page

The phpMyAdmin development team reports:

When creating a view with a crafted name and an incorrect CREATE statement, it is possible to trigger an XSS.

This vulnerability can be triggered only by someone who logged in to phpMyAdmin, as the usual token protection prevents non-logged-in users from accessing the required form.


Discovery 2013-06-05
Entry 2013-06-05
phpMyAdmin
ge 4.0 lt 4.0.3

http://www.phpmyadmin.net/home_page/security/PMASA-2013-6.php
CVE-2013-3742
1b93f6fe-e1c1-11e2-948d-6805ca0b3d42phpMyAdmin -- Global variable scope injection

The phpMyAdmin development team reports:

The import.php script was vulnerable to GLOBALS variable injection. Therefore, an attacker could manipulate any configuration parameter.

This vulnerability can be triggered only by someone who logged in to phpMyAdmin, as the usual token protection prevents non-logged-in users from accessing the required form.


Discovery 2013-06-30
Entry 2013-06-30
phpMyAdmin
ge 4.0 lt 4.0.4.1

http://www.phpmyadmin.net/home_page/security/PMASA-2013-7.php
CVE-2013-4729