SUSE CVE-2005-0992

Cross-site scripting XSS vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter...

SUSE CVE-2007-6100

Cross-site scripting XSS vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when logins are authenticated with the cookie authtype, allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter to index.php, a different vulnerability...

phpMyAdmin登录页面跨站脚本漏洞

BugCVE: CVE-2007-6100 BUGTRAQ: 26513 phpMyAdmin处理用户请求时存在输入验证漏洞，远程攻击者可能利用此漏洞在用户浏览器中执行恶意代码。 phpMyAdmin登录页面的index.php文件中没有验证对convcharset参数的输入，如果用户提交了恶意的URL请求的话就可能导致执行跨站脚本。 $ grep -n convcharset libraries/auth/cookie.auth.lib.php 48: @uses $GLOBALS'convcharset' 236: input type="hidden"...

Fedora 7 : phpMyAdmin-2.11.2.2-1.fc7 (2007-3666)

The login page authtype cookie was vulnerable to XSS via the convcharset parameter PMASA-2007-8. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

DEBIAN-CVE-2007-6100

Cross-site scripting XSS vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when logins are authenticated with the cookie authtype, allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter to index.php, a different vulnerability...

CVE-2007-6100

Cross-site scripting XSS vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when logins are authenticated with the cookie authtype, allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter to index.php, a different vulnerability...

CVE-2007-6100

Cross-site scripting XSS vulnerability in libraries/auth/cookie.auth.lib.php in phpMyAdmin before 2.11.2.2, when logins are authenticated with the cookie authtype, allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter to index.php, a different vulnerability...

XSS vulnerability

PMASA-2007-8 Announcement-ID: PMASA-2007-8 Date: 2007-11-20 Summary XSS vulnerability Description We received an advisory from Tim Brown, Nth Dimension, and we wish to thank him for his work. The login page authtype cookie was vulnerable to XSS via the convcharset parameter. Severity We consider...

DEBIAN-CVE-2007-0341

Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.1 and earlier, when Microsoft Internet Explorer 6 is used, allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in a CSS style in the convcharset parameter to the top-level URI, a different vulnerability than...

CVE-2007-0341

Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.1 and earlier, when Microsoft Internet Explorer 6 is used, allows remote attackers to inject arbitrary web script or HTML via a javascript: URI in a CSS style in the convcharset parameter to the top-level URI, a different vulnerability than...

CVE-2005-0992

Cross-site scripting XSS vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter...

CVE-2005-0992

Cross-site scripting XSS vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter...

CVE-2005-0992

Cross-site scripting XSS vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter...

CVE-2005-0992

Summary: CVE-2005-0992 is an XSS in phpMyAdmin’s index.php via the convcharset parameter. The NVD entry lists a base score of 4.3 (MEDIUM) with network access, no confidentiality impact, but partial integrity impact and no availability impact. Connected OpenVAS entries tie the vulnerability to ph...

CVE-2005-0992

Cross-site scripting XSS vulnerability in index.php in phpMyAdmin before 2.6.2-rc1 allows remote attackers to inject arbitrary web script or HTML via the convcharset parameter...

phpmyadmin -- cross site scripting vulnerability

A phpMyAdmin security announcement reports: The convcharset parameter was not correctly validated, opening the door to a XSS attack...

phpMyAdmin 2.x - Convcharset Cross-Site Scripting

phpMyAdmin 2.x - Convcharset Cross-Site Scripting source: https://www.securityfocus.com/bid/12982/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input to the 'convcharset' parameter. phpMyAdmin versions prior to 2.6.2-rc1 are...

phpMyAdmin 2.x - Convcharset Cross-Site Scripting

source: https://www.securityfocus.com/bid/12982/info phpMyAdmin is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input to the 'convcharset' parameter. phpMyAdmin versions prior to 2.6.2-rc1 are affected by this issue...