FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  454837
Date:      2017-11-24
Time:      19:28:57Z
Committer: joneum

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
0871d18b-9638-11e3-a371-6805ca0b3d42phpMyAdmin -- Self-XSS due to unescaped HTML output in import.

The phpMyAdmin development team reports:

When importing a file with crafted filename, it is possible to trigger an XSS. We consider this vulnerability to be non critical.


Discovery 2014-02-15
Entry 2014-02-15
phpMyAdmin
ge 3.3.1 lt 4.1.7

http://www.phpmyadmin.net/home_page/security/PMASA-2014-1.php
CVE-2014-1879
17326fd5-fcfb-11e2-9bb9-6805ca0b3d42phpMyAdmin -- clickJacking protection can be bypassed

The phpMyAdmin development team reports:

phpMyAdmin has a number of mechanisms to avoid a clickjacking attack, however these mechanisms either work only in modern browser versions, or can be bypassed.

"We have no solution for 3.5.x, due to the proposed solution requiring JavaScript. We don't want to introduce a dependency to JavaScript in the 3.5.x family."


Discovery 2013-08-04
Entry 2013-08-04
phpMyAdmin
lt 4.0.5

http://www.phpmyadmin.net/home_page/security/PMASA-2013-10.php
f4a0212f-f797-11e2-9bb9-6805ca0b3d42phpMyAdmin -- multiple vulnerabilities

The phpMyAdmin development team reports:

XSS due to unescaped HTML Output when executing a SQL query.

5 XSS vulnerabilities in setup, chart display, process list, and logo link.

If a crafted version.json would be presented, an XSS could be introduced.

Full path disclosure vulnerabilities.

XSS vulnerability when a text to link transformation is used.

Self-XSS due to unescaped HTML output in schema export.

SQL injection vulnerabilities, producing a privilege escalation (control user).


Discovery 2013-07-28
Entry 2013-07-28
Modified 2013-07-29
phpMyAdmin
ge 4.0 lt 4.0.4.2

phpMyAdmin35
ge 3.5 lt 3.5.8.2

http://www.phpmyadmin.net/home_page/security/PMASA-2013-8.php
http://www.phpmyadmin.net/home_page/security/PMASA-2013-9.php
http://www.phpmyadmin.net/home_page/security/PMASA-2013-11.php
http://www.phpmyadmin.net/home_page/security/PMASA-2013-12.php
http://www.phpmyadmin.net/home_page/security/PMASA-2013-13.php
http://www.phpmyadmin.net/home_page/security/PMASA-2013-14.php
http://www.phpmyadmin.net/home_page/security/PMASA-2013-15.php
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/3.5.8.2/phpMyAdmin-3.5.8.2-notes.html/view
http://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.0.4.2/phpMyAdmin-4.0.4.2-notes.html/view