Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-1403-1
HistoryNov 08, 2007 - 12:00 a.m.

phpmyadmin - cross-site scripting

2007-11-0800:00:00
Google
osv.dev
5

0.007 Low

EPSS

Percentile

80.2%

JSON

Omer Singer of the DigiTrust Group discovered several vulnerabilities in
phpMyAdmin, an application to administrate MySQL over the WWW. The Common
Vulnerabilities and Exposures project identifies the following problems:

  • CVE-2007-5589
    phpMyAdmin allows a remote attacker to inject arbitrary web script
    or HTML in the context of a logged in user’s session (cross site
    scripting).
  • CVE-2007-5386
    phpMyAdmin, when accessed by a browser that does not URL-encode
    requests, allows remote attackers to inject arbitrary web script
    or HTML via the query string.

For the old stable distribution (sarge) this problem has been fixed in
version 4:2.6.2-3sarge6.

For the stable distribution (etch) this problem has been fixed in
version 4:2.9.1.1-6.

For the unstable distribution (sid) this problem has been fixed in
version 4:2.11.1.2-1.

We recommend that you upgrade your phpmyadmin package.

Related

openvas 12
nessus 8
securityvulns 2
fedora 3
debian 1
debiancve 2
ubuntucve 2
cve 2
nvd 2
phpmyadmin 2
freebsd 2
prion 2
cvelist 2
openvas
openvas
Fedora Update for phpMyAdmin FEDORA-2007-2738
2009-02-27 00:00:00
Debian Security Advisory DSA 1403-1 (phpmyadmin)
2008-01-17 00:00:00
Fedora Update for phpMyAdmin FEDORA-2007-2738
2009-02-27 00:00:00
nessus
nessus
Fedora 7 : phpMyAdmin-2.11.2-1.fc7 (2007-2738)
2007-11-06 00:00:00
Debian DSA-1403-1 : phpmyadmin - missing input sanitising
2007-11-09 00:00:00
Fedora 8 : phpMyAdmin-2.11.2.2-1.fc8 (2007-3639)
2007-11-26 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 1403-1] New phpmyadmin packages fix cross-site scripting
2007-11-12 00:00:00
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2007-11-12 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: phpMyAdmin-2.11.2-1.fc7
2007-11-01 21:23:03
[SECURITY] Fedora 8 Update: phpMyAdmin-2.11.2.2-1.fc8
2007-11-22 03:34:18
[SECURITY] Fedora 7 Update: phpMyAdmin-2.11.2.2-1.fc7
2007-11-22 03:37:27
debian
debian
[SECURITY] [DSA 1403-1] New phpmyadmin packages fix cross-site scripting
2007-11-08 22:13:37
debiancve
debiancve
CVE-2007-5589
2007-10-19 23:17:00
CVE-2007-5386
2007-10-12 10:17:00
ubuntucve
ubuntucve
CVE-2007-5589
2007-10-19 00:00:00
CVE-2007-5386
2007-10-12 00:00:00
cve
cve
CVE-2007-5386
2007-10-12 10:17:00
CVE-2007-5589
2007-10-19 23:17:00
nvd
nvd
CVE-2007-5386
2007-10-12 10:17:00
CVE-2007-5589
2007-10-19 23:17:00
phpmyadmin
phpmyadmin
XSS vulnerability
2007-10-15 00:00:00
XSS vulnerabilities
2007-10-17 00:00:00
freebsd
freebsd
phpmyadmin -- cross-site scripting vulnerability
2007-10-17 00:00:00
phpmyadmin -- cross-site scripting vulnerability
2007-10-12 00:00:00
prion
prion
Cross site scripting
2007-10-12 10:17:00
Cross site scripting
2007-10-19 23:17:00
cvelist
cvelist
CVE-2007-5386
2007-10-12 10:00:00
CVE-2007-5589
2007-10-19 23:00:00

0.007 Low

EPSS

Percentile

80.2%

JSON
Related for OSV:DSA-1403-1
openvas12nessus8securityvulns2fedora3debian1debiancve2ubuntucve2cve2nvd2phpmyadmin2freebsd2prion2cvelist2