ID de Prueba:	1.3.6.1.4.1.25623.1.0.807595
Categoría:	Web application abuses
Título:	phpMyAdmin Multiple XSS Vulnerabilities (PMASA-2016-12) - Linux
Resumen:	phpMyAdmin is prone to multiple cross-site scripting (XSS); vulnerabilities.
Descripción:	Summary: phpMyAdmin is prone to multiple cross-site scripting (XSS) vulnerabilities. Vulnerability Insight: Multiple flaws are due to: - An input validation error via table/column name in database normalization page. - An input validation error in 'templates/database/structure/sortable_header.phtml' script in the database structure page. - An input validation error in 'db_central_columns.php' script in the central columns page. - An input validation error in 'normalization.php' script. Vulnerability Impact: Successful exploitation will allow remote attackers to inject arbitrary web script or HTML via crafted parameters. Affected Software/OS: phpMyAdmin versions 4.4.x before 4.4.15.5 and 4.5.x before 4.5.5.1. Solution: Update to version 4.4.15.5, 4.5.5.1 or later. CVSS Score: 3.5 CVSS Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-2561 Debian Security Information: DSA-3627 (Google Search) http://www.debian.org/security/2016/dsa-3627 http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178869.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178562.html SuSE Security Announcement: openSUSE-SU-2016:0663 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-03/msg00018.html SuSE Security Announcement: openSUSE-SU-2016:0666 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-03/msg00020.html
Copyright	Copyright (C) 2016 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.