Lucene search

K
cve[email protected]CVE-2009-3696
HistoryOct 16, 2009 - 4:30 p.m.

CVE-2009-3696

2009-10-1616:30:00
CWE-79
web.nvd.nist.gov
43
cve-2009-3696
xss
phpmyadmin
web script injection
html injection
nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.3 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.1%

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.11.x before 2.11.9.6 and 3.x before 3.2.2.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name for a MySQL table.

Affected configurations

NVD
Node
phpmyadminphpmyadminMatch2.11.0
OR
phpmyadminphpmyadminMatch2.11.0beta1
OR
phpmyadminphpmyadminMatch2.11.0rc1
OR
phpmyadminphpmyadminMatch2.11.0.0
OR
phpmyadminphpmyadminMatch2.11.0beta1
OR
phpmyadminphpmyadminMatch2.11.1
OR
phpmyadminphpmyadminMatch2.11.1rc1
OR
phpmyadminphpmyadminMatch2.11.1.0
OR
phpmyadminphpmyadminMatch2.11.1.1
OR
phpmyadminphpmyadminMatch2.11.1.2
OR
phpmyadminphpmyadminMatch2.11.2
OR
phpmyadminphpmyadminMatch2.11.2.0
OR
phpmyadminphpmyadminMatch2.11.2.1
OR
phpmyadminphpmyadminMatch2.11.2.2
OR
phpmyadminphpmyadminMatch2.11.3
OR
phpmyadminphpmyadminMatch2.11.3rc1
OR
phpmyadminphpmyadminMatch2.11.3.0
OR
phpmyadminphpmyadminMatch2.11.4
OR
phpmyadminphpmyadminMatch2.11.4rc1
OR
phpmyadminphpmyadminMatch2.11.4.0
OR
phpmyadminphpmyadminMatch2.11.5
OR
phpmyadminphpmyadminMatch2.11.5rc1
OR
phpmyadminphpmyadminMatch2.11.5.0
OR
phpmyadminphpmyadminMatch2.11.5.1
OR
phpmyadminphpmyadminMatch2.11.5.2
OR
phpmyadminphpmyadminMatch2.11.6
OR
phpmyadminphpmyadminMatch2.11.6rc1
OR
phpmyadminphpmyadminMatch2.11.6.0
OR
phpmyadminphpmyadminMatch2.11.7
OR
phpmyadminphpmyadminMatch2.11.7.0
OR
phpmyadminphpmyadminMatch2.11.8
OR
phpmyadminphpmyadminMatch2.11.9
OR
phpmyadminphpmyadminMatch2.11.9.0
OR
phpmyadminphpmyadminMatch2.11.9.1
OR
phpmyadminphpmyadminMatch2.11.9.2
OR
phpmyadminphpmyadminMatch2.11.9.3
OR
phpmyadminphpmyadminMatch2.11.9.4
OR
phpmyadminphpmyadminMatch2.11.9.5
OR
phpmyadminphpmyadminMatch3.0.0
OR
phpmyadminphpmyadminMatch3.0.0rc1
OR
phpmyadminphpmyadminMatch3.0.0-alpha
OR
phpmyadminphpmyadminMatch3.0.0-beta
OR
phpmyadminphpmyadminMatch3.0.1
OR
phpmyadminphpmyadminMatch3.0.1rc1
OR
phpmyadminphpmyadminMatch3.0.1.1
OR
phpmyadminphpmyadminMatch3.1.0
OR
phpmyadminphpmyadminMatch3.1.0-beta1
OR
phpmyadminphpmyadminMatch3.1.0.0
OR
phpmyadminphpmyadminMatch3.1.1
OR
phpmyadminphpmyadminMatch3.1.1rc1
OR
phpmyadminphpmyadminMatch3.1.2
OR
phpmyadminphpmyadminMatch3.1.2rc1
OR
phpmyadminphpmyadminMatch3.1.3
OR
phpmyadminphpmyadminMatch3.1.31
OR
phpmyadminphpmyadminMatch3.1.3rc1
OR
phpmyadminphpmyadminMatch3.1.3.1
OR
phpmyadminphpmyadminMatch3.1.3.2
OR
phpmyadminphpmyadminMatch3.1.4
OR
phpmyadminphpmyadminMatch3.1.4rc2
OR
phpmyadminphpmyadminMatch3.1.5
OR
phpmyadminphpmyadminMatch3.1.5rc1
OR
phpmyadminphpmyadminMatch3.2.0
OR
phpmyadminphpmyadminMatch3.2.0rc1
OR
phpmyadminphpmyadminMatch3.2.0-beta1
OR
phpmyadminphpmyadminMatch3.2.0.1
OR
phpmyadminphpmyadminMatch3.2.1
OR
phpmyadminphpmyadminMatch3.2.1rc1
OR
phpmyadminphpmyadminMatch3.2.2
OR
phpmyadminphpmyadminMatch3.2.2rc1

References

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.3 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.1%