oss-sec mailing list archives
CVE request: phpmyadmin < 2.11.7.1
From: Hanno Böck <hanno () hboeck de>
Date: Tue, 15 Jul 2008 21:00:55 +0200
http://www.phpmyadmin.net/home_page/downloads.php?relnotes=0 From Changelog: - protection against XSS when register_globals is on and .htaccess has no effect, thanks to Tim Starling - (2.11.7.1) [security] XSRF/CSRF by manipulating the db, convcharset and collation_connection parameters, thanks to YGN Ethical Hacker Group -- Hanno Böck Blog: http://www.hboeck.de/ GPG: 3DBD3B20 Jabber/Mail: hanno () hboeck de
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- CVE request: phpmyadmin < 2.11.7.1 Hanno Böck (Jul 15)
- Re: CVE request: phpmyadmin < 2.11.7.1 Thijs Kinkhorst (Jul 16)
- Re: CVE request: phpmyadmin < 2.11.7.1 Hanno Böck (Jul 16)
- Re: CVE request: phpmyadmin < 2.11.7.1 Steven M. Christey (Jul 16)
- Re: CVE request: phpmyadmin < 2.11.7.1 Thijs Kinkhorst (Jul 16)