Lucene search

FreeBSD51B51D4A-7C0F-11DC-9E47-0011D861D5E2

HistoryOct 12, 2007 - 12:00 a.m.

phpmyadmin -- cross-site scripting vulnerability

2007-10-1200:00:00

vuxml.freebsd.org

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.007 Low

EPSS

Percentile

79.9%

JSON

SecurityFocus reports:

phpMyAdmin is prone to a cross-site scripting vulnerability
because it fails to properly sanitize user-supplied input.
An attacker may leverage this issue to execute arbitrary script
code in the browser of an unsuspecting user in the context of the
affected site. This may help the attacker steal potentially
sensitive information and launch other attacks.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchphpmyadmin< 2.11.1.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	phpmyadmin	< 2.11.1.1	UNKNOWN

References

secunia.com/advisories/27173

www.digitrustgroup.com/advisories/TDG-advisory071009a

www.phpmyadmin.net/home_page/security.php?issue=PMASA-2007-5

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.007 Low

EPSS

Percentile

79.9%

JSON

Related for 51B51D4A-7C0F-11DC-9E47-0011D861D5E2