5 matches found
SUSE CVE-2006-2417
Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031...
openSUSE 10 Security Update : phpMyAdmin (phpMyAdmin-1581)
Missing checks of the 'db' and 'theme' parameters could be exploited for cross site scripting attacks CVE-2006-2417, CVE-2006-2418. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
openSUSE 10 Security Update : phpMyAdmin (phpMyAdmin-1611)
Missing checks of the 'db' parameter could be exploited for cross site scripting attacks CVE-2006-2417. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update phpMyAdmin-1611. The text description of...
CVE-2006-2417
Cross-site scripting XSS vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031...
CVE-2006-2417
CVE-2006-2417 describes an XSS vulnerability in phpMyAdmin 2.8.0.x prior to 2.8.0.4, where an attacker can inject arbitrary script/HTML via the theme parameter in certain scripts (lang parameter covered by CVE-2006-2031). The vulnerability is remote and could lead to script execution in the victi...