CVE-2005-0543

2005-02-2405:00:00

Debian Security Bug Tracker

security-tracker.debian.org

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.005 Low

EPSS

Percentile

76.6%

JSON

Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary HTML and web script via (1) the strServer, cfg[BgcolorOne], or strServerChoice parameters in select_server.lib.php, (2) the bg_color or row_no parameters in display_tbl_links.lib.php, the left_font_family parameter in theme_left.css.php, or the right_font_family parameter in theme_right.css.php.

OSVersionArchitecturePackageVersionFilename
Debian12allphpmyadmin< 3:2.6.1-pl2-1phpmyadmin_3:2.6.1-pl2-1_all.deb
Debian11allphpmyadmin< 3:2.6.1-pl2-1phpmyadmin_3:2.6.1-pl2-1_all.deb
Debian999allphpmyadmin< 3:2.6.1-pl2-1phpmyadmin_3:2.6.1-pl2-1_all.deb
Debian13allphpmyadmin< 3:2.6.1-pl2-1phpmyadmin_3:2.6.1-pl2-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	phpmyadmin	< 3:2.6.1-pl2-1	phpmyadmin_3:2.6.1-pl2-1_all.deb
Debian	11	all	phpmyadmin	< 3:2.6.1-pl2-1	phpmyadmin_3:2.6.1-pl2-1_all.deb
Debian	999	all	phpmyadmin	< 3:2.6.1-pl2-1	phpmyadmin_3:2.6.1-pl2-1_all.deb
Debian	13	all	phpmyadmin	< 3:2.6.1-pl2-1	phpmyadmin_3:2.6.1-pl2-1_all.deb