FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-05-02 10:37:19 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
3d0e724e-129b-11dc-9f79-0016179b2dd5	phppgadmin -- cross site scripting vulnerability SecurityFocus reports about phppgadmin: Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks. Discovery 2007-05-27 Entry 2007-06-04 Modified 2010-05-12 phppgadmin < 4.1.1 24115 CVE-2007-5728 http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063617.html http://secunia.com/advisories/25446/
4ce3c20b-124b-11de-a964-0030843d3802	phppgadmin -- directory traversal with register_globals enabled Secunia reports: Dun has discovered a vulnerability in phpPgAdmin, which can be exploited by malicious people to disclose sensitive information. Input passed via the "_language" parameter to libraries/lib.inc.php is not properly sanitised before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes. Discovery 2008-12-08 Entry 2009-03-16 phppgadmin < 4.2.2 32670 CVE-2008-5587 http://secunia.com/advisories/33014
88188a8c-eff6-11d9-8310-0001020eed82	phppgadmin -- "formLanguage" local file inclusion vulnerability A Secunia Advisory reports: A vulnerability has been reported in phpPgAdmin, which can be exploited by malicious people to disclose sensitive information. Input passed to the "formLanguage" parameter in "index.php" isn't properly verified, before it is used to include files. This can be exploited to include arbitrary files from local resources. Successful exploitation requires that "magic_quotes_gpc" is disabled. Discovery 2005-07-05 Entry 2005-07-08 Modified 2005-07-21 phppgadmin < 3.5.4 14142 CVE-2005-2256 http://secunia.com/advisories/15941/ http://sourceforge.net/project/shownotes.php?release_id=342261

VuXML ID

Description

3d0e724e-129b-11dc-9f79-0016179b2dd5

phppgadmin -- cross site scripting vulnerability

SecurityFocus reports about phppgadmin:

Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected website. As a result, the attacker may be able to steal cookie-based authentication credentials and to launch other attacks.

Discovery 2007-05-27
Entry 2007-06-04
Modified 2010-05-12
phppgadmin

< 4.1.1

24115
CVE-2007-5728
http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063617.html
http://secunia.com/advisories/25446/

4ce3c20b-124b-11de-a964-0030843d3802

phppgadmin -- directory traversal with register_globals enabled

Secunia reports:

Dun has discovered a vulnerability in phpPgAdmin, which can be exploited by malicious people to disclose sensitive information.

Input passed via the "_language" parameter to libraries/lib.inc.php is not properly sanitised before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes.

Discovery 2008-12-08
Entry 2009-03-16
phppgadmin

< 4.2.2

32670
CVE-2008-5587
http://secunia.com/advisories/33014

88188a8c-eff6-11d9-8310-0001020eed82

phppgadmin -- "formLanguage" local file inclusion vulnerability

A Secunia Advisory reports:

A vulnerability has been reported in phpPgAdmin, which can be exploited by malicious people to disclose sensitive information.

Input passed to the "formLanguage" parameter in "index.php" isn't properly verified, before it is used to include files. This can be exploited to include arbitrary files from local resources.

Successful exploitation requires that "magic_quotes_gpc" is disabled.

Discovery 2005-07-05
Entry 2005-07-08
Modified 2005-07-21
phppgadmin

< 3.5.4

14142
CVE-2005-2256
http://secunia.com/advisories/15941/
http://sourceforge.net/project/shownotes.php?release_id=342261