Lucene search
K

11 matches found

RedhatCVE
RedhatCVE
added 2019/10/04 9:17 p.m.22 views

CVE-2007-5977

Cross-site scripting XSS vulnerability in dbcreate.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than...

6.8CVSS5.3AI score0.03194EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2009/03/20 12:0 a.m.33 views

Gentoo Security Advisory GLSA 200903-32 (phpmyadmin)

The remote host is missing updates announced in advisory GLSA 200903-32. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

8.5CVSS0.9AI score0.11175EPSS
Exploits2
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.14 views

Fedora Update for phpMyAdmin FEDORA-2007-3666

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.5CVSS6.6AI score0.03326EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2009/02/27 12:0 a.m.18 views

Fedora Update for phpMyAdmin FEDORA-2007-3639

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

6.5CVSS6.6AI score0.03326EPSS
Exploits1References2
seebug.org
seebug.org
added 2007/11/27 12:0 a.m.62 views

phpMyAdmin DB_Create.PHP多个输入验证漏洞

BUGTRAQ ID: 26512 CVE ID:CVE-2007-5976 CVE-2007-5977 CNCVE ID:CNCVE-20075977 phpMyAdmin是一款基于WEB的MySQL管理程序。 phpMyAdmin DBCreate.PHP存在多个输入验证问题,远程攻击者可以利用漏洞进行跨站脚本攻击,获得敏感信息。 问题是由于DBCreate.PHP对参数缺少充分过滤,提交恶意脚本代码作为参数数据,并诱使用户解析,可导致恶意脚本代码在目标用户浏览器上执行。 RedHat Fedora 7 0 phpMyAdmin phpMyAdmin 2.11.1 phpMyAdmi...

6.5CVSS0.9AI score0.01307EPSS
Exploits1
NVD
NVD
added 2007/11/15 12:46 a.m.16 views

CVE-2007-5977

Cross-site scripting XSS vulnerability in dbcreate.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than...

3.5CVSS5AI score0.0125EPSS
Exploits1References10
UbuntuCve
UbuntuCve
added 2007/11/15 12:46 a.m.28 views

CVE-2007-5977

Cross-site scripting XSS vulnerability in dbcreate.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than...

3.5CVSS6AI score0.0125EPSS
Exploits1References1
CVE
CVE
added 2007/11/15 12:0 a.m.59 views

CVE-2007-5977

CVE-2007-5977 is an XSS vulnerability in phpMyAdmin (db_create.php) affecting versions before 2.11.2.1, where remote authenticated users with CREATE DATABASE privileges can inject script via a hex-encoded IMG in the db parameter of a POST request. Connected advisories note related issues in phpMy...

3.5CVSS5AI score0.0125EPSS
Exploits1References10Affected Software1
Debian CVE
Debian CVE
added 2007/11/15 12:0 a.m.24 views

CVE-2007-5977

Cross-site scripting XSS vulnerability in dbcreate.php in phpMyAdmin before 2.11.2.1 allows remote authenticated users with CREATE DATABASE privileges to inject arbitrary web script or HTML via a hex-encoded IMG element in the db parameter in a POST request, a different vulnerability than...

3.5CVSS5.3AI score0.0125EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2007/11/12 12:0 a.m.27 views

FreeBSD : phpmyadmin -- XSS vulnerability (2d2dcbb4-906c-11dc-a951-0016179b2dd5)

The DigiTrust Group reports : When creating a new database, a malicious user can use a client-side Web proxy to place malicious code in the db parameter of the POST request. Since dbcreate.php does not properly sanitize user-supplied input, an administrator could face a persistent XSS attack when...

6.5CVSS5.3AI score0.01307EPSS
Exploits1References5
phpMyAdmin
phpMyAdmin
added 2007/11/11 12:0 a.m.38 views

XSS vulnerabilities

PMASA-2007-7 Announcement-ID: PMASA-2007-7 Date: 2007-11-11 Summary XSS vulnerabilities Description We received an advisory from Omer Singer, The DigiTrust Group, and we wish to thank him for his work. It was possible to create a malicious database name that contains XSS code. Our team fixed...

3.5CVSS5.7AI score0.0125EPSS
Exploits1Affected Software1
Rows per page
Query Builder