The phpMyAdmin development team reports:
- With a crafted database, table or column name it is
possible to trigger an XSS attack in the table browse
page.
- With a crafted ENUM value it is possible to trigger
XSS attacks in the table print view and zoom search
pages.
- With a crafted value for font size it is possible to
trigger an XSS attack in the home page.
These vulnerabilities can be triggered only by someone
who is logged in to phpMyAdmin, as the usual token
protection prevents non-logged-in users from accessing the
required pages. Moreover, exploitation of the XSS
vulnerability related to the font size requires forgery of
the pma_fontsize cookie.
In the GIS editor feature, a parameter specifying the
geometry type was not correctly validated, opening the door
to a local file inclusion attack.
This vulnerability can be triggered only by someone who
is logged in to phpMyAdmin, as the usual token protection
prevents non-logged-in users from accessing the required
page.
With a crafted file name it is possible to trigger an
XSS in the error reporting page.
This vulnerability can be triggered only by someone who
is logged in to phpMyAdmin, as the usual token protection
prevents non-logged-in users from accessing the required
page.
In the error reporting feature, a parameter specifying
the file was not correctly validated, allowing the
attacker to derive the line count of an arbitrary file.
This vulnerability can be triggered only by someone who
is logged in to phpMyAdmin, as the usual token protection
prevents non-logged-in users from accessing the required
page.
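The two defect classes the advisory describes (a client-supplied parameter used to select a file, and client-supplied strings echoed into HTML) are illustrated below. This is an added example, not phpMyAdmin's own code: the function names, the geometry allowlist, the cookie format, the default font size and the application-root check are all hypothetical, chosen only to show the unsafe pattern beside a hardened form.

```php
<?php
// Added illustration, not phpMyAdmin code. All names here are hypothetical.

// --- Local file inclusion via an unvalidated "type" parameter -----------------
// Unsafe pattern: the client-chosen geometry type becomes part of a path that
// is later passed to include(). Traversal sequences in $type reach the filesystem.
function geometryHandlerPathUnsafe(string $type): string
{
    return __DIR__ . '/geometry/' . $type . '.php';
}

// Hardened pattern: the value is only ever a key into a fixed allowlist, so no
// attacker-controlled characters are used to build the path at all.
const GEOMETRY_TYPES = [
    'POINT', 'LINESTRING', 'POLYGON',
    'MULTIPOINT', 'MULTILINESTRING', 'MULTIPOLYGON', 'GEOMETRYCOLLECTION',
];

function geometryHandlerPathSafe(string $type): ?string
{
    $type = strtoupper($type);
    if (!in_array($type, GEOMETRY_TYPES, true)) {
        return null; // reject; do not try to "clean" a path built from user input
    }
    return __DIR__ . '/geometry/' . $type . '.php';
}

// --- Arbitrary file reference via an unvalidated "file" parameter --------------
// Resolve the requested path and accept it only if it stays under the
// application root (hypothetical $root). realpath() collapses "../" and symlinks.
function resolveReportableFile(string $requested, string $root): ?string
{
    $rootReal = realpath($root);
    $real     = realpath($root . DIRECTORY_SEPARATOR . $requested);
    if ($rootReal === false || $real === false) {
        return null;
    }
    if (strpos($real, $rootReal . DIRECTORY_SEPARATOR) !== 0) {
        return null; // resolved outside the root: traversal attempt
    }
    return $real;
}

// --- XSS via identifiers, ENUM values and a cookie -----------------------------
// Database, table and column names and ENUM values are attacker-influenced once
// an account can create objects; escape every one of them at the output point.
function htmlCell(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// A preference cookie is as forgeable as any other request field. Accept only a
// strict numeric-plus-unit shape and otherwise fall back to a constant default.
function fontSizeFromCookie(?string $raw, string $default = '100%'): string
{
    if ($raw !== null && preg_match('/^\d{1,3}(?:\.\d)?(?:px|pt|em|%)$/', $raw) === 1) {
        return $raw;
    }
    return $default;
}

// Usage sketch with constructed inputs (no real request involved):
$path = geometryHandlerPathSafe($_GET['geometry_type'] ?? '');     // null unless allowlisted
$file = resolveReportableFile($_GET['file'] ?? '', __DIR__);        // null if it escapes __DIR__
$size = fontSizeFromCookie($_COOKIE['pma_fontsize'] ?? null);       // safe CSS fragment or default
echo '<td style="font-size:' . htmlCell($size) . '">' . htmlCell($_GET['col'] ?? '') . '</td>';
```

The point of the first two helpers is that validation happens before any filesystem operation and that rejection, not sanitisation, is the response to an unexpected value; the last two show that escaping belongs at the HTML output point regardless of where the string came from, since a logged-in user can plant crafted names and ENUM values in the schema and can set any cookie on their own requests.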