FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

phpmyadmin -- arbitrary file include and XSS vulnerabilities

Affected packages
1.3.1 < phpmyadmin < 2.6.1.2
1.3.1 < phpMyAdmin < 2.6.1.2

Details

VuXML ID 882ef43b-901f-11d9-a22c-0001020eed82
Discovery 2005-02-21
Entry 2005-03-08

A phpMyAdmin security announcement reports:

We received two bug reports by Maksymilian Arciemowicz about those vulnerabilities and we wish to thank him for his work. The vulnerabilities apply to those points:

  1. css/phpmyadmin.css.php was vulnerable against $cfg and GLOBALS variable injections. This way, a possible attacker could manipulate any configuration parameter. Using phpMyAdmin's theming mechanism, he was able to include arbitrary files. This is especially dangerous if php is not running in safe mode.
  2. A possible attacker could manipulate phpMyAdmin's localized strings via the URL and inject harmful JavaScript code this way, which could be used for XSS attacks.

References

Bugtraq ID 12644
Bugtraq ID 12645
CVE Name CVE-2005-0543
CVE Name CVE-2005-0567
Message 20050224190307.20197.qmail@www.securityfocus.com
URL http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2005-1