Package "phpliteadmin"

Name: phpliteadmin


web-based SQLite database admin tool

Latest version:
Release: bionic (18.04)
Level: updates
Repository: universe
Homepage: https://www.phpliteadmin.org/


Download "phpliteadmin"

Other versions of "phpliteadmin" in Bionic

Repository Area Version
security universe

Packages in group

Deleted packages are displayed in grey.


Version: 2022-08-08 12:06:21 UTC

  phpliteadmin ( bionic-security; urgency=medium

  * SECURITY UPDATE: cross-site scripting (LP: #1964710)
    - debian/patches/Fix-post-num-XSS.patch:
      Forcibly cast input value to integer. Original fix.
    - CVE-2021-46709
  * Update PHP version to 7.2 in a directive comment for a2enconf(8).

 -- Nicholas Guriev <email address hidden> Sun, 22 May 2022 22:24:22 +0300

Source diff to previous version
1964710 XSS vulnerability in row_create
CVE-2021-46709 phpLiteAdmin through allows XSS via the index.php newRows parameter (aka num or number).

Version: 2018-05-02 00:06:41 UTC

  phpliteadmin ( bionic-security; urgency=medium

  * SECURITY UPDATE: authentication bypass (LP: #1767723)
    - debian/patches/Fix-authentication-bypass.patch:
      replace == with === in password comparation in
      classes/Authorization.php. Based on upstream commit
    - CVE-2018-10362

 -- Nicholas Guriev <email address hidden> Sat, 28 Apr 2018 00:14:25 +0300

1767723 CVE-2018-10362: Authentication bypass
CVE-2018-10362 An issue was discovered in phpLiteAdmin 1.9.5 through Due to loose comparison with '==' instead of '===' in classes/Authorization.php for th

About   -   Send Feedback to @ubuntu_updates