PHPMyAdmin 2.x Error.PHP Cross-Site Scripting Vulnerability

2005-08-28T00:00:00
ID EDB-ID:26199
Type exploitdb
Reporter Michal Cihar
Modified 2005-08-28T00:00:00

Description

PHPMyAdmin 2.x Error.PHP Cross-Site Scripting Vulnerability. CVE-2005-2869. Webapps exploit for php platform

                                        
                                            source: http://www.securityfocus.com/bid/14675/info

phpMyAdmin is prone to a cross-site scripting vulnerability.

This issue may be exploited to steal cookie-based authentication credentials from legitimate users of the software. Such an attack would require that the victim follows a malicious link that includes hostile HTML and script code. 

/error.php?error=%3Cscript%3Ewindow.alert('a')%3C/script%3E