diff options
author | pav <pav@FreeBSD.org> | 2004-07-02 07:55:39 +0800 |
---|---|---|
committer | pav <pav@FreeBSD.org> | 2004-07-02 07:55:39 +0800 |
commit | 0fd73fe5899065be19d9456924aa7f49ec61d124 (patch) | |
tree | b262be93c2cf3580b342a453c74b2939a00509e3 | |
parent | 1b1dbca839dbc893bed96e0b714edfda78123258 (diff) | |
download | freebsd-ports-gnome-0fd73fe5899065be19d9456924aa7f49ec61d124.tar.gz freebsd-ports-gnome-0fd73fe5899065be19d9456924aa7f49ec61d124.tar.zst freebsd-ports-gnome-0fd73fe5899065be19d9456924aa7f49ec61d124.zip |
- Add phpMyAdmin 2.5.7 vulnerability.
I hope I got XML right.
-rw-r--r-- | security/vuxml/vuln.xml | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 4b42235ddf8d..f3c781adb774 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -3648,4 +3648,29 @@ misc.c: <modified>2003-10-25</modified> </dates> </vuln> + + <vuln vid="9fe115e6-cbb9-11d8-a8d4-0002b34cc336"> + <topic>Remote code injection in phpMyAdmin</topic> + <affects> + <package> + <name>phpmyadmin</name> + <range><lt>2.5.7.1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>This vulnerability would allow remote user to inject PHP code + to be executed by eval() function. This vulnerability is only + exploitable if variable $cfg['LeftFrameLight'] is set to FALSE (in + file config.inc.php).</p> + </body> + </description> + <references> + <url>http://www.securityfocus.com/archive/1/367486/2004-06-28/2004-07-04/0</url> + </references> + <dates> + <discovery>2004-06-29</discovery> + <entry>2004-07-02</entry> + </dates> + </vuln> </vuxml> |