phpMyAdmin 4.3.x < 4.7.8 XSS (PMASA-2018-1)

According to its self-reported version, the phpMyAdmin application hosted on the remote web server is 4.7.x prior to 4.7.8. Versions since 4.3 are also affected, but they are no longer supported. It is, therefore, affected by a cross-site scripting XSS vulnerability in dbcentralcolumns.php. A...

CVE-2018-7260

Cross-site scripting XSS vulnerability in dbcentralcolumns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...

CVE-2018-7260

CVE-2018-7260 affects phpMyAdmin (db_central_columns.php) and is a cross-site scripting (XSS) flaw in versions prior to 4.7.8. The issue allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL, with impact described in the sources as XSS and partial integrity im...

CVE-2018-7260

Cross-site scripting XSS vulnerability in dbcentralcolumns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL...

CVE-2016-2561

CVE-2016-2561 affects phpMyAdmin 4.4.x before 4.4.15.5 and 4.5.x before 4.5.5.1, allowing remote authenticated users to inject arbitrary web script/HTML via multiple vectors (notably normalization.php, js/normalization.js, sortable_header.phtml, and the pos parameter to db_central_columns.php). T...