FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpMyAdmin -- multiple vulnerabilities

Affected packages
phpMyAdmin < 3.3.9.2
phpMyAdmin211 < 2.11.11.3

Details

VuXML ID cd68ff50-362b-11e0-ad36-00215c6a37bb
Discovery 2011-02-08
Entry 2011-02-11

phpMyAdmin team reports:

It was possible to create a bookmark which would be executed unintentionally by other users.

When the files README, ChangeLog or LICENSE have been removed from their original place (possibly by the distributor), the scripts used to display these files can show their full path, leading to possible further attacks.

References

URL http://www.phpmyadmin.net/home_page/security/PMASA-2011-1.php
URL http://www.phpmyadmin.net/home_page/security/PMASA-2011-2.php