Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:phpmyadmin:phpmyadmin:4.3.6:*:*:*:*:*:*:*
There are 21 matching records.
Displaying matches 21 through 21.
Vuln ID Summary CVSS Severity
CVE-2015-2206

libraries/select_lang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2.x before 4.2.13.2, and 4.3.x before 4.3.11.1 includes invalid language values in unknown-language error responses that contain a CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to conduct a BREACH attack and determine this token via a series of crafted requests.

Published: March 09, 2015; 1:59:10 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM