oss-sec mailing list archives
Re: CVE request: phpmyadmin < 2.11.7.1
From: Thijs Kinkhorst <thijs () debian org>
Date: Tue, 15 Jul 2008 21:09:03 +0200
On Tuesday 15 July 2008 21:00, Hanno Böck wrote:
From Changelog: - protection against XSS when register_globals is on and .htaccess has no effect, thanks to Tim Starling
Note: this has already been assigned CVE-2008-2960 following a previous request from you.
- (2.11.7.1) [security] XSRF/CSRF by manipulating the db, convcharset and collation_connection parameters, thanks to YGN Ethical Hacker Group
This still needs one. Thijs
Attachment:
_bin
Description:
Current thread:
- CVE request: phpmyadmin < 2.11.7.1 Hanno Böck (Jul 15)
- Re: CVE request: phpmyadmin < 2.11.7.1 Thijs Kinkhorst (Jul 16)
- Re: CVE request: phpmyadmin < 2.11.7.1 Hanno Böck (Jul 16)
- Re: CVE request: phpmyadmin < 2.11.7.1 Steven M. Christey (Jul 16)
- Re: CVE request: phpmyadmin < 2.11.7.1 Thijs Kinkhorst (Jul 16)