FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  517352
Date:      2019-11-12
Time:      21:38:20Z
Committer: gjb

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
3d0e724e-129b-11dc-9f79-0016179b2dd5phppgadmin -- cross site scripting vulnerability

SecurityFocus reports about phppgadmin:

Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks.


Discovery 2007-05-27
Entry 2007-06-04
Modified 2010-05-12
phppgadmin
lt 4.1.1

24115
CVE-2007-5728
http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063617.html
http://secunia.com/advisories/25446/
3d0e724e-129b-11dc-9f79-0016179b2dd5phppgadmin -- cross site scripting vulnerability

SecurityFocus reports about phppgadmin:

Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks.


Discovery 2007-05-27
Entry 2007-06-04
Modified 2010-05-12
phppgadmin
lt 4.1.1

24115
CVE-2007-5728
http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063617.html
http://secunia.com/advisories/25446/
88188a8c-eff6-11d9-8310-0001020eed82phppgadmin -- "formLanguage" local file inclusion vulnerability

A Secunia Advisory reports:

A vulnerability has been reported in phpPgAdmin, which can be exploited by malicious people to disclose sensitive information.

Input passed to the "formLanguage" parameter in "index.php" isn't properly verified, before it is used to include files. This can be exploited to include arbitrary files from local resources.

Successful exploitation requires that "magic_quotes_gpc" is disabled.


Discovery 2005-07-05
Entry 2005-07-08
Modified 2005-07-21
phppgadmin
lt 3.5.4

14142
CVE-2005-2256
http://secunia.com/advisories/15941/
http://sourceforge.net/project/shownotes.php?release_id=342261
4ce3c20b-124b-11de-a964-0030843d3802phppgadmin -- directory traversal with register_globals enabled

Secunia reports:

Dun has discovered a vulnerability in phpPgAdmin, which can be exploited by malicious people to disclose sensitive information.

Input passed via the "_language" parameter to libraries/lib.inc.php is not properly sanitised before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.


Discovery 2008-12-08
Entry 2009-03-16
phppgadmin
lt 4.2.2

32670
CVE-2008-5587
http://secunia.com/advisories/33014
4ce3c20b-124b-11de-a964-0030843d3802phppgadmin -- directory traversal with register_globals enabled

Secunia reports:

Dun has discovered a vulnerability in phpPgAdmin, which can be exploited by malicious people to disclose sensitive information.

Input passed via the "_language" parameter to libraries/lib.inc.php is not properly sanitised before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.


Discovery 2008-12-08
Entry 2009-03-16
phppgadmin
lt 4.2.2

32670
CVE-2008-5587
http://secunia.com/advisories/33014
88188a8c-eff6-11d9-8310-0001020eed82phppgadmin -- "formLanguage" local file inclusion vulnerability

A Secunia Advisory reports:

A vulnerability has been reported in phpPgAdmin, which can be exploited by malicious people to disclose sensitive information.

Input passed to the "formLanguage" parameter in "index.php" isn't properly verified, before it is used to include files. This can be exploited to include arbitrary files from local resources.

Successful exploitation requires that "magic_quotes_gpc" is disabled.


Discovery 2005-07-05
Entry 2005-07-08
Modified 2005-07-21
phppgadmin
lt 3.5.4

14142
CVE-2005-2256
http://secunia.com/advisories/15941/
http://sourceforge.net/project/shownotes.php?release_id=342261