PhpMyAdmin redirection function content Spoofing Vulnerability (CVE-2015-7873)

PhpMyAdmin redirection function content Spoofing Vulnerability (CVE-2015-7873)
PhpMyAdmin redirection function content Spoofing Vulnerability (CVE-2015-7873)

Release date:
Updated on:

Affected Systems:

phpMyAdmin phpMyAdmin 4.5.x-4.5.1
phpMyAdmin phpMyAdmin 4.4.x-4.4.15.1

Description:

CVE (CAN) ID: CVE-2015-7873

Phpmyadmin is an online management tool for MySQL databases.

In phpMyAdmin 4.4.x-4.15.1 and 4.5.x-4.5.1, the redirection function of url. php has a security vulnerability. Remote attackers can use url parameters to perform content spoofing.

<* Source: Lalith Rallabhandi
*>

Suggestion:

Vendor patch:

PhpMyAdmin
----------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Http://www.phpmyadmin.net/home_page/security/
Https://www.phpmyadmin.net/security/PMASA-2015-5/
Https://github.com/phpmyadmin/phpmyadmin/commit/cd097656758f981f80fb9029c7d6b4294582b706

Example of LAMP architecture collaborative application-phpMyAdmin

PhpMyAdmin and Wordpress for LAMP applications

PhpMyAdmin logon timeout Solution

Install phpMyAdmin and Adminer in Ubuntu

Implement SSL functions based on LAMP and install phpMyAdmin

Configure the LAMP + phpMyAdmin PHP (5.5.9) development environment in Ubuntu 14.04

PhpMyAdmin details: click here
PhpMyAdmin: click here

This article permanently updates the link address: