aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorpav <pav@FreeBSD.org>2004-07-02 07:55:39 +0800
committerpav <pav@FreeBSD.org>2004-07-02 07:55:39 +0800
commit0fd73fe5899065be19d9456924aa7f49ec61d124 (patch)
treeb262be93c2cf3580b342a453c74b2939a00509e3
parent1b1dbca839dbc893bed96e0b714edfda78123258 (diff)
downloadfreebsd-ports-gnome-0fd73fe5899065be19d9456924aa7f49ec61d124.tar.gz
freebsd-ports-gnome-0fd73fe5899065be19d9456924aa7f49ec61d124.tar.zst
freebsd-ports-gnome-0fd73fe5899065be19d9456924aa7f49ec61d124.zip
- Add phpMyAdmin 2.5.7 vulnerability.
I hope I got XML right.
-rw-r--r--security/vuxml/vuln.xml25
1 files changed, 25 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 4b42235ddf8d..f3c781adb774 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -3648,4 +3648,29 @@ misc.c:
<modified>2003-10-25</modified>
</dates>
</vuln>
+
+ <vuln vid="9fe115e6-cbb9-11d8-a8d4-0002b34cc336">
+ <topic>Remote code injection in phpMyAdmin</topic>
+ <affects>
+ <package>
+ <name>phpmyadmin</name>
+ <range><lt>2.5.7.1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>This vulnerability would allow remote user to inject PHP code
+ to be executed by eval() function. This vulnerability is only
+ exploitable if variable $cfg['LeftFrameLight'] is set to FALSE (in
+ file config.inc.php).</p>
+ </body>
+ </description>
+ <references>
+ <url>http://www.securityfocus.com/archive/1/367486/2004-06-28/2004-07-04/0</url>
+ </references>
+ <dates>
+ <discovery>2004-06-29</discovery>
+ <entry>2004-07-02</entry>
+ </dates>
+ </vuln>
</vuxml>