The version of phpMyAdmin hosted on the remote server is 3.4.x prior to 3.4.6 and is affected by a cross-site scripting vulnerability.  The 'Servers-0-verbose' parameter is not properly sanitized by methods in 'libraries/config/ConfigFile.class.php' as called by the script 'setup/index.php'.  Persistent cross-site scripting is possible if improper filesystem permissions are in place.

Changes for 3.4.7.0 (2011-10-23);

  - [interface] Links in navigation when     $cfg['MainPageIconic'] =3D false

    - [interface] Inline edit shows dropdowns even after       closing

    - [view] View renaming did not work

    - [navi] Wrong icon for view (MySQL 5.5)

    - [doc] Missing documentation section

    - [pdf] Broken PDF file when exporting database to PDF

    - [core] Allow to set language in URL

    - [doc] Fix links to PHP documentation

    - [export] Export to bzip2 is not working

Changes for 3.4.6.0 (2011-10-16) :

  - [patch] InnoDB comment display with tooltips/aliases

    - [navi] Edit SQL statement after error

    - [interface] Collation not displayed for long enum       fields

    - [export] Config for export compression not used

    - [privileges] DB-specific privileges won't submit

    - [config] Configuration storage incorrect suggested       table name

    - [interface] Cannot execute saved query

    - [display] Full text button unchecks results display       options

    - [display] Broken binary column when 'Show binary       contents' is not set

    - [core] Call to undefined function PMA_isSuperuser()

    - [interface] Display options link missing after search

    - [core] CSP policy causing designer JS buttons to fail

    - [relation] Relations/constraints are dropped/created       on every change

    - [display] Delete records from last page breaks search

    - [schema] PMA_User_Schema::processUserChoice() is       broken

    - [core] External link fails in 3.4.5

    - [display] CharTextareaRows is not respected

    - [synchronize] Extraneous db choices

    - [security] Fixed local path disclosure vulnerability,       see PMASA-2011-15=       (http://www.phpmyadmin.net/home_page/security/PMASA-20       11-15.php)

  - [security] Fixed XSS in setup (host/verbose parameter),     see PMASA-2011-= 16     (http://www.phpmyadmin.net/home_page/security/PMASA-2011
    -16.php)
    --------------------------------------------------------
    -------------------=

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

The remote host is affected by the vulnerability described in GLSA-201201-01 (phpMyAdmin: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in phpMyAdmin. Please       review the CVE identifiers and phpMyAdmin Security Advisories referenced       below for details.
  Impact :

    Remote attackers might be able to insert and execute PHP code, include       and execute local PHP files, or perform Cross-Site Scripting (XSS)       attacks via various vectors.
  Workaround :

    There is no known workaround at this time.

ID	Name	Product	Family	Published	Updated	Severity
56652	phpMyAdmin 3.4.x < 3.4.6 XSS (PMASA-2011-16)	Nessus	CGI abuses : XSS	10/26/2011	4/11/2022	medium
56799	Fedora 14 : phpMyAdmin-3.4.7-1.fc14 (2011-15472)	Nessus	Fedora Local Security Checks	11/14/2011	1/11/2021	medium
57433	GLSA-201201-01 : phpMyAdmin: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	1/5/2012	1/6/2021	critical
56797	Fedora 16 : phpMyAdmin-3.4.7-1.fc16 (2011-15460)	Nessus	Fedora Local Security Checks	11/14/2011	1/11/2021	medium
56798	Fedora 15 : phpMyAdmin-3.4.7-1.fc15 (2011-15469)	Nessus	Fedora Local Security Checks	11/14/2011	1/11/2021	medium

Detections

Analytics

Plugins Search

medium

medium

critical

medium

medium